...
Another common mistake is to use more format specifiers than supplied arguments. This results in undefined behavior, which could end up pulling extra values off the stack and unintentionally exposing data. The following example shows a case of this:
```c
char const *error_msg = "Resource not available to user.";
/* ... */
printf("Error (%s): %s", error_msg);
```
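A runtime guard for the mismatch described above, for cases where the format string is not a literal the compiler can check (with a literal, GCC and Clang report it under `-Wformat`). This is an added example, not code from the original page; `count_format_args` and `format_matches` are hypothetical helper names, and POSIX positional `%n$` forms are assumed not to be used.

```c
#include <stdio.h>
#include <string.h>

/* Count the arguments a printf-style format string consumes.
 * "%%" consumes none; a '*' width or precision consumes one int each.
 * Assumption: POSIX positional "%n$" specifiers are not handled. */
size_t count_format_args(const char *fmt) {
    size_t n = 0;
    for (const char *p = fmt; *p != '\0'; ++p) {
        if (*p != '%') continue;
        ++p;
        if (*p == '%') continue;                  /* literal percent sign */
        while (*p && strchr("-+ #0", *p)) ++p;    /* flags */
        if (*p == '*') { ++n; ++p; }              /* width read from an argument */
        else while (*p >= '0' && *p <= '9') ++p;  /* literal width */
        if (*p == '.') {
            ++p;
            if (*p == '*') { ++n; ++p; }          /* precision read from an argument */
            else while (*p >= '0' && *p <= '9') ++p;
        }
        while (*p && strchr("hljztL", *p)) ++p;   /* length modifiers */
        if (*p == '\0') break;                    /* truncated specifier at end */
        ++n;                                      /* the conversion itself */
    }
    return n;
}

/* Returns 1 when the format consumes exactly `supplied` arguments. */
int format_matches(const char *fmt, size_t supplied) {
    return count_format_args(fmt) == supplied;
}

int main(void) {
    const char *error_msg = "Resource not available to user.";
    const char *fmt = "Error (%s): %s";  /* format string from the example above */

    if (!format_matches(fmt, 1))         /* only error_msg is available */
        fprintf(stderr, "format needs %zu arguments, 1 supplied\n",
                count_format_args(fmt));

    printf("Error: %s\n", error_msg);    /* one specifier, one argument */
    return 0;
}
```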
...
[ISO/IEC 9899:1999] Section 7.15, "Variable arguments," and Section 7.19.6.8, "The `vfprintf` function"

[ISO/IEC PDTR 24772] "OTR Subprogram Signature Mismatch"

[MISRA 04] Rule 16.1

[Seacord 05c]
...