The fmtcheck() function scans fmt_suspect and fmt_default to determine if fmt_suspect will consume the same argument types as fmt_default and to ensure that fmt_suspect is a valid format string.
The printf(3) family of functions cannot verify the types of arguments that they are passed at run-time. In some cases, like catgets(3), it is useful or necessary to use a user-supplied format string with no guarantee that the format string matches the specified arguments.
The fmtcheck() function was designed to be used in these cases, as in:
In the check, field widths, fillers, precisions, etc. are ignored (unless the field width or precision is an asterisk '*' instead of a digit string). Also, any text other than the format specifiers is completely ignored.
RETURN VALUES
If fmt_suspect is a valid format and consumes the same argument types as fmt_default, then the fmtcheck() function will return fmt_suspect. Otherwise, it will return fmt_default.
SECURITY CONSIDERATIONS
Note that the formats may be quite different as long as they accept the same arguments. For example, "%p %o %30s %#llx %-10.*e %n" is compatible with "This number %lu %d%% and string %s has %qd numbers and %.*g floats (%n)". However, "%o" is not equivalent to "%lx" because the first requires an integer and the second requires a long.
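A simplified sketch of the check described on this page, added here as an illustration and not the libc implementation: each format is reduced to the sequence of argument classes it consumes, and the suspect format is returned only when both sequences match. The names signature and checked_fmt are hypothetical, %p is classed with long so that the compatible pair quoted above matches, and length modifiers other than l, ll, q and L are rejected.

```c
#include <stdio.h>
#include <string.h>
/* One class letter per argument fmt consumes; returns -1 if fmt is rejected.
 * i=int l=long q=long long d=double D=long double s=char* n=int*
 * '*'=int taken by an asterisk width or precision. Assumptions: %p counts as
 * long; h, j, z, t and wide-character forms are rejected (fail closed). */
static int signature(const char *fmt, char *out, size_t cap)
{
    size_t n = 0;
    for (const char *s = fmt; *s; s++) {
        int len = 0;                      /* 1: l   2: ll or q   3: L */
        if (*s != '%') continue;          /* literal text is ignored */
        if (*++s == '%') continue;        /* "%%" consumes no argument */
        if (n + 4 > cap) return -1;       /* a specifier adds at most 3 */
        s += strspn(s, "#0- +'");         /* flags are ignored */
        if (*s == '*') { out[n++] = '*'; s++; }
        else s += strspn(s, "0123456789");    /* digit width is ignored */
        if (*s == '.') {
            if (*++s == '*') { out[n++] = '*'; s++; }
            else s += strspn(s, "0123456789");
        }
        if (*s == 'l') { len = 1; if (*++s == 'l') { len = 2; s++; } }
        else if (*s == 'q') { len = 2; s++; }
        else if (*s == 'L') { len = 3; s++; }
        if (*s == '\0') return -1;        /* truncated specifier */
        if (strchr("diouxX", *s) && len < 3) out[n++] = "ilq"[len];
        else if (strchr("eEfFgGaA", *s) && len != 2) out[n++] = len == 3 ? 'D' : 'd';
        else if (*s == 'c' && len == 0) out[n++] = 'i';
        else if (*s == 's' && len == 0) out[n++] = 's';
        else if (*s == 'p' && len == 0) out[n++] = 'l';
        else if (*s == 'n' && len == 0) out[n++] = 'n';
        else return -1;                   /* unknown or unsupported conversion */
    }
    out[n] = '\0';
    return 0;
}
/* Contract the page gives for fmtcheck(): suspect if accepted, else default. */
static const char *checked_fmt(const char *suspect, const char *dflt)
{
    char a[64], b[64];
    int ok = !signature(suspect, a, sizeof a) && !signature(dflt, b, sizeof b);
    return ok && strcmp(a, b) == 0 ? suspect : dflt;
}
int main(void)
{   /* Constructed formats: the "user" one swaps the argument order. */
    printf(checked_fmt("%d points for %s\n", "%s scored %d\n"), "alice", 42);
    return 0;
}
```

Because the constructed user format would read the string pointer as an int and the int as a string pointer, the default format is the one passed to printf.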