SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 56

changes.mady.by.user Pranjal Jumde

Saved on

compared with

New Version 57

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The formatted IO functions fprintf(), printf(), sprintf(), snprintf(), vfprintf(), vprintf(), vsprintf(), and vsnprintf() convert, format, and print their arguments under control of a format string. Section 7.21.6.1 of the C standard Standard [ISO/IEC 9899:2011], states:

...

CERT C++ Secure Coding Standard: FIO00-CPP. Take care when creating format strings

ISO/IEC 9899:2011 Section 7.21.6.1, "The fprintf function"ISO/IEC TR TS 17961 (Draft) Using invalid format strings [invfmtstr]

MITRE CWE: CWE-686, "Function call with incorrect argument type"

Bibliography

ISO/IEC 9899:2011 Section 7.21.6.1, "The fprintf function"

...