undefined | Better HN

0 pointsanyfoo5y ago0 comments

That's however relatively easy to verify programmatically, and indeed any recent compiler will complain about that.

I'd say the usual trap is rather the size of the target buffer, because that requires bigger static analysis guns. (I'm ignoring things like "%n", because then you're playing with fire already.)

0 comments

Gibbon15y ago

I think the big three C compilers have pragma's that you can tag printf/scanf with that will cause the compiler to verify the argument list.

xxpor5y ago

__attribute__((format(printf, x, y))) for GCC:

https://gcc.gnu.org/onlinedocs/gcc-3.2/gcc/Function-Attribut...

There's options other than printf too.

j / k navigate · click thread line to collapse