...
For formatted output functions such as printf(), it is unlikely that a programmer would modify the format string. However, an attacker may attempt this if a program violates FIO30-C. Exclude user input from format strings and passes tainted values as part of the format string.
...
In this noncompliant code example, the programmer is attempting to overwrite the format string with a string value read in from stdin such as "%d%f 1 3.3" , and to use the resulting modified string of "%s%d%f" to input the subsequent %d and %f valuesvalues of 1 and 3.3:
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdio.h> /* ... */ char format[100] = "%s"; int i; float x; int n = scanf(format, format + 2, &i, &x); |
...
Douglas Walls. How to Use the Qualifier in C. Sun ONE Tools Group, Sun Microsystems, July 2003 (revised March 2006)
...