Interpretation of Java format strings is stricter than that in languages such as C. The standard library implementations in the standard libraries throw appropriate exceptions when any conversion argument fails to match the corresponding flag. This approach reduces opportunities for malicious exploits. Nevertheless, malicious user input can exploit format strings and can cause information leaks or denial of service. As a result, strings from an untrusted source shall not be incorporated into format strings.
...
Static analysis tools that perform taint analysis can diagnose some violations of this rule.
Related
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
CWE-134 "Uncontrolled Format String" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="63ed72a86c985be9-ffac456c-492b4613-b130826d-f8b73f432b1ad298230bee75"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [Class Formatter | http://java.sun.com/javase/6/docs/api/java/util/Formatter.html] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="fbd9ecd0d2c167bd-91ea7328-456d411f-aeff83c6-51f7632b5d3a40049ee948df"><ac:plain-text-body><![CDATA[ | [[Seacord 2005 | AA. Bibliography#Seacord 05]] | Chapter 6, Formatted Output | ]]></ac:plain-text-body></ac:structured-macro> |
...