2018-05-21 00:31:15 +02:00
|
|
|
.\" $NetBSD: fmtcheck.3,v 1.8 2014/06/14 08:18:24 apb Exp $
|
|
|
|
.\"
|
2005-12-20 20:29:47 +00:00
|
|
|
.\" Copyright (c) 2000 The NetBSD Foundation, Inc.
|
|
|
|
.\" All rights reserved.
|
|
|
|
.\"
|
|
|
|
.\" This file was contributed to The NetBSD Foundation by Allen Briggs.
|
|
|
|
.\"
|
|
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
|
|
.\" modification, are permitted provided that the following conditions
|
|
|
|
.\" are met:
|
|
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
|
|
.\"
|
|
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
|
|
|
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
|
|
|
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
|
|
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
|
|
|
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
|
|
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
|
|
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
|
|
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
|
|
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
|
|
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
|
|
.\" POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
.\"
|
2018-05-21 00:31:15 +02:00
|
|
|
.Dd June 14, 2014
|
2017-06-23 05:59:35 +02:00
|
|
|
.Dt FMTCHECK 3bsd
|
2018-05-21 00:31:15 +02:00
|
|
|
.Os
|
2005-12-20 20:29:47 +00:00
|
|
|
.Sh NAME
|
|
|
|
.Nm fmtcheck
|
2018-05-21 00:31:15 +02:00
|
|
|
.Nd sanitizes user-supplied printf(3)-style format string
|
2005-12-20 20:29:47 +00:00
|
|
|
.Sh LIBRARY
|
2009-12-11 21:31:48 +01:00
|
|
|
.ds str-Lb-libbsd Utility functions from BSD systems (libbsd, \-lbsd)
|
|
|
|
.Lb libbsd
|
2005-12-20 20:29:47 +00:00
|
|
|
.Sh SYNOPSIS
|
2017-06-05 06:33:47 +02:00
|
|
|
.In stdio.h
|
|
|
|
(See
|
|
|
|
.Xr libbsd 7
|
|
|
|
for include usage.)
|
2005-12-20 20:29:47 +00:00
|
|
|
.Ft const char *
|
|
|
|
.Fn fmtcheck "const char *fmt_suspect" "const char *fmt_default"
|
|
|
|
.Sh DESCRIPTION
|
|
|
|
The
|
2018-05-21 00:31:15 +02:00
|
|
|
.Nm
|
|
|
|
function scans
|
2005-12-20 20:29:47 +00:00
|
|
|
.Fa fmt_suspect
|
|
|
|
and
|
|
|
|
.Fa fmt_default
|
|
|
|
to determine if
|
|
|
|
.Fa fmt_suspect
|
|
|
|
will consume the same argument types as
|
|
|
|
.Fa fmt_default
|
|
|
|
and to ensure that
|
|
|
|
.Fa fmt_suspect
|
|
|
|
is a valid format string.
|
|
|
|
.Pp
|
|
|
|
The
|
|
|
|
.Xr printf 3
|
2018-05-21 00:31:15 +02:00
|
|
|
family of functions can not verify the types of arguments that they are
|
2005-12-20 20:29:47 +00:00
|
|
|
passed at run-time.
|
|
|
|
In some cases, like
|
|
|
|
.Xr catgets 3 ,
|
|
|
|
it is useful or necessary to use a user-supplied format string with no
|
2018-05-21 00:31:15 +02:00
|
|
|
guarantee that the format string matches the specified parameters.
|
2005-12-20 20:29:47 +00:00
|
|
|
.Pp
|
|
|
|
The
|
2018-05-21 00:31:15 +02:00
|
|
|
.Nm
|
|
|
|
function was designed to be used in these cases, as in:
|
2005-12-20 20:29:47 +00:00
|
|
|
.Bd -literal -offset indent
|
|
|
|
printf(fmtcheck(user_format, standard_format), arg1, arg2);
|
|
|
|
.Ed
|
|
|
|
.Pp
|
2018-05-21 00:31:15 +02:00
|
|
|
In the check, field widths, fillers, precisions, etc. are ignored (unless
|
2005-12-20 20:29:47 +00:00
|
|
|
the field width or precision is an asterisk
|
|
|
|
.Ql *
|
|
|
|
instead of a digit string).
|
2018-05-21 00:31:15 +02:00
|
|
|
Also, any text other than the format specifiers is completely ignored.
|
|
|
|
.Pp
|
|
|
|
Note that the formats may be quite different as long as they accept the
|
|
|
|
same parameters.
|
|
|
|
For example, "%ld %o %30s %#llx %-10.*e %n" is
|
|
|
|
compatible with "This number %lu %d%% and string %s has %qd numbers
|
|
|
|
and %.*g floats (%n)."
|
|
|
|
However, "%o" is not equivalent to "%lx" because
|
|
|
|
the first requires an integer and the second requires a long,
|
|
|
|
and "%p" is not equivalent to "%lu" because
|
|
|
|
the first requires a pointer and the second requires a long.
|
2005-12-20 20:29:47 +00:00
|
|
|
.Sh RETURN VALUES
|
|
|
|
If
|
|
|
|
.Fa fmt_suspect
|
|
|
|
is a valid format and consumes the same argument types as
|
|
|
|
.Fa fmt_default ,
|
|
|
|
then the
|
2018-05-21 00:31:15 +02:00
|
|
|
.Nm
|
|
|
|
function will return
|
2005-12-20 20:29:47 +00:00
|
|
|
.Fa fmt_suspect .
|
|
|
|
Otherwise, it will return
|
|
|
|
.Fa fmt_default .
|
|
|
|
.Sh SEE ALSO
|
|
|
|
.Xr printf 3
|