By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
454,505 Members | 1,761 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 454,505 IT Pros & Developers. It's quick & easy.

(part 14) Han from China answers your C questions

P: n/a
No format string passed to variable argument list function

Adam said:
>If I call the function using something like:
char message[50];
strcpy(message, "hi there");
print("%s",message);

everything works, but if I do:
print(message);

it doesn't (program crashes with an abort).
Then Adam laters says:
Trouble is, I can't replicate it in a
simple example (and a complex example would take me well out of
comp.lang.c territory). I though perhaps that some undefined behaviour
was causing problems in one case but not in another, but
I guess I need to look elsewhere for my problem.
Then Adam later says:
Bingo :) That's exactly what it was. The input to my function was
coming from the GUI element of the app and I hadn't considered
checking for "%" in the string - and that's what was there!
Dear Adam,

If the 'message' part of your custom print() function comes from an
external source, it's possible your app has a bigger problem than
a mere crash - it contains a serious security vulnerability.

Change
print(message);
to
print("%s", message);

Don't tempt fate, or one day someone will come along and use
C's %n format specifier in 'message' (along with some specifiers
of secondary importance) to overwrite critical portions of memory
and gain control of your computer.

Yours,
Han from China

Nov 10 '08 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.