Alfred, a poli-sci major, with the emphasis on poli, wrote this program to print out the top 3 popular vote getters in presidential elections. But the resulting wacky behavior was not what he expected. What did he do wrong?
bug592.cpp lint Output

--- Module: bug592.cpp (C++)
    printf( buf );
    _
bug592.cpp(22) : Warning 592: Non-literal format specifier used without arguments
Reference Manual Explanation
592 Non-literal format specifier used without arguments -- A printf/scanf style function received a non-literal format specifier without trailing arguments. For example:

    char *msg;
    ...
    printf( msg );

This can easily be rewritten to the relatively safe:

    char *msg;
    ...
    printf( "%s", msg );

The danger lies in the fact that msg can contain hidden format codes. If msg is read from user input, then in the first example, a naive user could cause a glitch or a crash and a malicious user might exploit this to undermine system security. Since the unsafe form can easily be transformed into the safe form, the latter should always be used.
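The following is an added example, not Alfred's program or the PC-lint manual's code, showing why Warning 592 matters and how the safe form behaves. The function names (count_format_directives, render_safe, safe_render_preserves) and the two sample strings are constructed for this illustration; they do not come from bug592.cpp. The first helper counts conversion directives hidden in a string that was meant to be plain data, which is exactly what printf( buf ) would try to interpret; the second shows that passing the same string through the "%s" form reproduces it verbatim, percent signs and all. (Modern GCC and Clang flag the unsafe pattern too, via -Wformat-security, so this check belongs in the build as well as in the code.)

```c
#include <stdio.h>
#include <string.h>

/* Count printf conversion directives in an untrusted string.
   "%%" is a literal percent sign and is not counted. A result
   greater than zero means printf(s) would read arguments that
   were never passed, which is the hazard behind Warning 592. */
size_t count_format_directives(const char *s)
{
    size_t n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* escaped percent: skip both chars */
            s++;
            continue;
        }
        n++;
    }
    return n;
}

/* Safe form: the untrusted string is an argument, never the format.
   Returns snprintf's count of characters that would have been written. */
int render_safe(char *out, size_t outsz, const char *untrusted)
{
    return snprintf(out, outsz, "%s", untrusted);
}

/* Returns 1 when the safe form reproduces the untrusted string verbatim
   (i.e. no directive inside it was interpreted), 0 otherwise. */
int safe_render_preserves(const char *untrusted)
{
    char out[128];
    render_safe(out, sizeof out, untrusted);
    return strcmp(out, untrusted) == 0;
}

/* Constructed sample inputs standing in for text read from the user.
   The first looks harmless but still carries a percent sign; the
   second is the kind of string a fuzzer or hostile user might send. */
static const char *SAMPLE_BENIGN  = "Lincoln 39.8%% of the vote";
static const char *SAMPLE_HOSTILE = "%s%s%n";

int main(void)
{
    const char *samples[] = { SAMPLE_BENIGN, SAMPLE_HOSTILE };
    char out[128];

    for (size_t i = 0; i < 2; i++) {
        /* Never do this: printf(samples[i]);  -- the unsafe form from the warning */
        render_safe(out, sizeof out, samples[i]);
        printf("input: %-28s directives: %zu  safe output: %s\n",
               samples[i], count_format_directives(samples[i]), out);
    }
    return 0;
}
```

Run as-is, the benign string reports zero directives (its "%%" is an escaped percent) and the hostile one reports three; both come out of render_safe unchanged, because "%s" treats them as data. The unsafe call is left only as a comment: executing it with the hostile sample is undefined behavior and is precisely the crash or exploit path the manual text describes.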
If you have comments or questions about this bug, please post them to our Discussion Forum