468,743 Members | 2,238 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,743 developers. It's quick & easy.

what is the difference between sprintf and snprintf?

72
Hi All,

I wants to know what is the difference between sprintf and snprintf?

Thanks,
Manjunath
Jul 28 '09 #1
8 32015
JosAH
11,448 Expert 8TB
@manjuks
Have you read the documentation for both functions? sprintf() is part of the Standard Library while snprintf() isn't. The second function limits the number of characters written to the output character buffer while the first one doesn't. The first function can cause buffer overflow while the second function can protect you from that (if used correctly).

kind regards,

Jos
Jul 28 '09 #2
manjuks
72
Hi JosAH,

Thanks for your reply...

I didnt understand how the snprintf protect from buffer flow, Can you explain bit elaborative?

Thanks,
Manjunath
Jul 28 '09 #3
JosAH
11,448 Expert 8TB
@manjuks

You can tell the snprintf() function to print at most n characters, no matter any buffer size or the size of the complete output; if you set n+1 equal to the size of your buffer the buffer will never overflow (n+1 because that function prints a terminating \0).

kind regards,

Jos
Jul 28 '09 #4
Banfa
9,057 Expert Mod 8TB
In most snprintf implementation I have seen/seen documented the size passed to the function is the buffer size. So if you have a buffer of N bytes you pass N as the size to the snprint and it writes at most N-1 characters to the buffer followed by a zero terminator.
Jul 28 '09 #5
JosAH
11,448 Expert 8TB
Have a look at this link, I think that's one of the reasons it isn't part of the Standard yet.

kind regards,

Jos
Jul 28 '09 #6
spamvictim
1 Bit
A Buffer Overflow is caused by writing data over the border of reserved memory space for something.
Which could cause all kind of errors and unwanted behaviours.
With sprintf you can't control how much characters(bytes) are being written into a reserved memory space.

the last character is always a "\0" escape sequence with sprintf and snprintf. So for a string of 4 characters like "abcd" I would need to reserve 5 chars(bytes) with something like "char strBuffer[5]".

Example:
char strBuffer[5];
sprintf(strBuffer, "123456");

I reserve 5 bytes(chars) for the char buffer but try to write a string into it that's 6 bytes(chars)+1(for "\0") long. In other words I'm overflowing the the char buffer by 2 bytes(chars) which is being written into unknown memory area like described above.

With snprintf I can control how many characters(bytes) are written into the char buffer at max(which should be the number of reserved chars(bytes) for the char buffer) to avoid any overflow of data over the area of reserved memory.

Example:
char strBuffer[5];
sprintf(strBuffer, sizeof(strBuffer), "123456");

The expected result would be "1234" because the last and 5th character must be the "\0" escape sequence so it's actually "1234\0"
But u can't see the escape sequence, it's only for the program to know where the string ends.

I hope this helped everyone.
Here is an example:
https://onlinegdb.com/KB_da67uI
4 Weeks Ago #7
iamkajal
2 2Bits
(1) String buffer of sprintf and snprintf functions
Because sprintf may cause buffer overflow problems and is not recommended, I always prefer to use the snprintf function in the project, although it will be a little troublesome. Here is the main difference between sprintf and snprintf: snprintf ensures that the buffer does not overflow by providing the available size of the buffer and passing parameters. If it exceeds the buffer size, it is truncated.

(2) The return value of sprintf and snprintf functions

The return value of the snprintf function
The sprintf function returns the number of characters actually output to the string buffer, Including the null terminator.
The snprintf function returns the number of characters that should be output to the string buffer, So the return value of snprintf may be greater than the given available buffer size and the resulting string length.

you should check out studytonight for futher information.
2 Weeks Ago #8
priti kumari
3 2Bits
1. The main differences are as follows
(1) String buffer of and functions
Because may cause buffer overflow problems and is not recommended, I always prefer to use the function in the project, although it will be a little troublesome.
(2) The return value of sprintf and snprintf function
function returns the number of characters that should be output to the string buffer, So the return value of may be greater than the given available buffer size and the
2 Weeks Ago #9

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

2 posts views Thread by diadia | last post: by
2 posts views Thread by ajay.bansal02 | last post: by
4 posts views Thread by Dennis | last post: by
2 posts views Thread by satty888 | last post: by
xarzu
2 posts views Thread by xarzu | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.