xref: /freebsd/lib/libc/gen/fmtcheck.3 (revision fa9896e082a1046ff4fbc75fcba4d18d1f2efc19) 
13d090549SKris Kennaway.\" Copyright (c) 2000 The NetBSD Foundation, Inc.
23d090549SKris Kennaway.\" All rights reserved.
33d090549SKris Kennaway.\"
43d090549SKris Kennaway.\" This file was contributed to The NetBSD Foundation by Allen Briggs.
53d090549SKris Kennaway.\"
63d090549SKris Kennaway.\" Redistribution and use in source and binary forms, with or without
73d090549SKris Kennaway.\" modification, are permitted provided that the following conditions
83d090549SKris Kennaway.\" are met:
93d090549SKris Kennaway.\" 1. Redistributions of source code must retain the above copyright
103d090549SKris Kennaway.\"    notice, this list of conditions and the following disclaimer.
113d090549SKris Kennaway.\" 2. Redistributions in binary form must reproduce the above copyright
123d090549SKris Kennaway.\"    notice, this list of conditions and the following disclaimer in the
133d090549SKris Kennaway.\"    documentation and/or other materials provided with the distribution.
143d090549SKris Kennaway.\"
153d090549SKris Kennaway.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
163d090549SKris Kennaway.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
173d090549SKris Kennaway.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
183d090549SKris Kennaway.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
193d090549SKris Kennaway.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
203d090549SKris Kennaway.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
213d090549SKris Kennaway.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
223d090549SKris Kennaway.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
233d090549SKris Kennaway.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
243d090549SKris Kennaway.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
253d090549SKris Kennaway.\" POSSIBILITY OF SUCH DAMAGE.
26185b9d1cSTim J. Robbins.Dd October 16, 2002
273d090549SKris Kennaway.Dt FMTCHECK 3
28aa12cea2SUlrich Spörlein.Os
293d090549SKris Kennaway.Sh NAME
303d090549SKris Kennaway.Nm fmtcheck
316575e6daSRuslan Ermilov.Nd sanitizes user-supplied
326575e6daSRuslan Ermilov.Xr printf 3 Ns -style
336575e6daSRuslan Ermilovformat string
343d090549SKris Kennaway.Sh LIBRARY
353d090549SKris Kennaway.Lb libc
363d090549SKris Kennaway.Sh SYNOPSIS
3732eef9aeSRuslan Ermilov.In stdio.h
383d090549SKris Kennaway.Ft const char *
393d090549SKris Kennaway.Fn fmtcheck "const char *fmt_suspect" "const char *fmt_default"
403d090549SKris Kennaway.Sh DESCRIPTION
413d090549SKris KennawayThe
422efb80a8SRuslan Ermilov.Fn fmtcheck
432efb80a8SRuslan Ermilovscans
443d090549SKris Kennaway.Fa fmt_suspect
453d090549SKris Kennawayand
463d090549SKris Kennaway.Fa fmt_default
473d090549SKris Kennawayto determine if
483d090549SKris Kennaway.Fa fmt_suspect
493d090549SKris Kennawaywill consume the same argument types as
503d090549SKris Kennaway.Fa fmt_default
513d090549SKris Kennawayand to ensure that
523d090549SKris Kennaway.Fa fmt_suspect
533d090549SKris Kennawayis a valid format string.
543d090549SKris Kennaway.Pp
553d090549SKris KennawayThe
563d090549SKris Kennaway.Xr printf 3
573d090549SKris Kennawayfamily of functions cannot verify the types of arguments that they are
581a0a9345SRuslan Ermilovpassed at run-time.
591a0a9345SRuslan ErmilovIn some cases, like
603d090549SKris Kennaway.Xr catgets 3 ,
613d090549SKris Kennawayit is useful or necessary to use a user-supplied format string with no
622efeeba5SRuslan Ermilovguarantee that the format string matches the specified arguments.
633d090549SKris Kennaway.Pp
643d090549SKris KennawayThe
652efb80a8SRuslan Ermilov.Fn fmtcheck
662efb80a8SRuslan Ermilovwas designed to be used in these cases, as in:
673d090549SKris Kennaway.Bd -literal -offset indent
683d090549SKris Kennawayprintf(fmtcheck(user_format, standard_format), arg1, arg2);
693d090549SKris Kennaway.Ed
703d090549SKris Kennaway.Pp
711a0a9345SRuslan ErmilovIn the check, field widths, fillers, precisions, etc.\& are ignored (unless
723d090549SKris Kennawaythe field width or precision is an asterisk
733d090549SKris Kennaway.Ql *
741a0a9345SRuslan Ermilovinstead of a digit string).
751a0a9345SRuslan ErmilovAlso, any text other than the format specifiers
763d090549SKris Kennawayis completely ignored.
773d090549SKris Kennaway.Sh RETURN VALUES
783d090549SKris KennawayIf
793d090549SKris Kennaway.Fa fmt_suspect
803d090549SKris Kennawayis a valid format and consumes the same argument types as
813d090549SKris Kennaway.Fa fmt_default ,
823d090549SKris Kennawaythen the
832efb80a8SRuslan Ermilov.Fn fmtcheck
842efb80a8SRuslan Ermilovwill return
853d090549SKris Kennaway.Fa fmt_suspect .
863d090549SKris KennawayOtherwise, it will return
873d090549SKris Kennaway.Fa fmt_default .
88*0afc94c1SUlrich Spörlein.Sh SEE ALSO
89*0afc94c1SUlrich Spörlein.Xr printf 3
90*0afc94c1SUlrich Spörlein.Sh BUGS
91*0afc94c1SUlrich SpörleinThe
92*0afc94c1SUlrich Spörlein.Fn fmtcheck
93*0afc94c1SUlrich Spörleinfunction does not recognize positional parameters.
9405ddd41bSChris Costello.Sh SECURITY CONSIDERATIONS
9505ddd41bSChris CostelloNote that the formats may be quite different as long as they accept the
961a0a9345SRuslan Ermilovsame arguments.
971a0a9345SRuslan ErmilovFor example,
9805ddd41bSChris Costello.Qq Li "%p %o %30s %#llx %-10.*e %n"
9905ddd41bSChris Costellois compatible with
10005ddd41bSChris Costello.Qq Li "This number %lu %d%% and string %s has %qd numbers and %.*g floats (%n)" .
10105ddd41bSChris CostelloHowever,
10205ddd41bSChris Costello.Qq Li %o
10305ddd41bSChris Costellois not equivalent to
10405ddd41bSChris Costello.Qq Li %lx
10505ddd41bSChris Costellobecause
10605ddd41bSChris Costellothe first requires an integer and the second requires a long.
107