Format Specification Syntax: printf and wprintf Functions
Describes the syntax for format string arguments to printf, wprintf, and related functions. More secure versions of these functions are available; for more information, see Security Features in the CRT. For information about the individual functions, see the documentation for those specific functions. For a listing of these functions, see Stream I/O.
A format specification, which consists of optional and required fields, has the following form:
%[flags] [width] [.precision] [{h | l | ll | w | I | I32 | I64}] type
Each field of the format specification is a character or a number that signifies a particular format option or conversion specifier. The required type character specifies the kind of conversion to be applied to an argument. The optional flags, width, and precision fields control additional format aspects. A basic format specification contains only the percent sign and a type character—for example, %s, which specifies a string conversion. In the secure versions of the functions, if a percent sign is followed by a character that has no meaning as a format field, the invalid parameter handler is invoked. For more information, see Parameter Validation. In the non-secure versions, the character is copied to the output unchanged. To print a percent-sign character, use %%.
The fields of the format specification control the following aspects of argument conversion and formatting:
Security Note
Ensure that format specification strings are not user-defined. For example, consider a program that prompts the user to enter a name and stores the input in a string variable that's named name. To print name, do not do this:
printf( name ); /* Danger! If name contains "%s", program will crash */
Instead, do this:
printf( "%s", name );
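The following is an added example, not code from the original page, showing the Security Note's recommendation in working C: user input is passed as an argument to a literal "%s" conversion, so any percent characters it carries are copied through as data, and the width and precision fields from the syntax above are used to bound how much of it is printed. The function names, the fixed-size buffer and the sample input are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Added example (not from the original page). The format string is
   always a literal; the user-supplied 'name' is only ever an argument. */

#define OUT_MAX 128
static char g_out[OUT_MAX];

/* Safe: 'name' goes through a %s conversion, so "%s", "%d" or "%%"
   inside it are treated as ordinary characters, not as format fields. */
const char *greet_safe(const char *name)
{
    int n = snprintf(g_out, sizeof g_out, "Hello, %s!", name);
    if (n < 0)
        return NULL;   /* encoding error */
    /* n >= OUT_MAX means the output was truncated; snprintf still
       NUL-terminates, so the buffer is usable but incomplete. */
    return g_out;
}

/* Safe and bounded: '*' takes width and precision from the argument
   list, so at most 'maxlen' characters of 'name' are printed,
   right-aligned in a field of 'width' characters. */
const char *greet_bounded(const char *name, int width, int maxlen)
{
    if (snprintf(g_out, sizeof g_out, "[%*.*s]", width, maxlen, name) < 0)
        return NULL;
    return g_out;
}

/* Returns nonzero when the input appears verbatim in the output,
   i.e. its percent characters were handled as data, not parsed. */
int percent_preserved(const char *name)
{
    const char *out = greet_safe(name);
    return out != NULL && strstr(out, name) != NULL;
}

int main(void)
{
    /* Constructed input containing conversion specifiers; passing it
       as printf's format string (printf(tricky)) would parse them. */
    const char *tricky = "%s%d%%";
    puts(greet_safe(tricky));                /* Hello, %s%d%%! */
    puts(greet_bounded("Alexander", 12, 4)); /* [        Alex] */
    return 0;
}
```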