...
The perfect remedy to format string problems is to ensure that user generated input never shows up in format strings. This will safeguard the code from unforeseen exploitation.
| Code Block | ||
|---|---|---|
| ||
import java.util.Calendar;
import java.util.GregorianCalendar;
import static java.util.Calendar.*;
class Format {
static Calendar c = new GregorianCalendar(1995, MAY, 23);
public static void main(String[] args) {
//args[0] is the credit card expiration date
//perform comparison with c, if it doesn't match print the following line
System.out.printf("The input did not match! HINT: It was issued on %1$terd of some month", c);
}
}
|
...