Safe handling of string variables

Question

Safe handling of string variables

Hello, I'm pretty new to C and in a nutshell I was doing the following as part of my class assignment:

foo (char *var) {
  printf(var);
}

I was told that this is bad practice and unsafe, but I have not received detailed information about this from my mentor. I am guessing that if the var string is user-controlled it can be used to do bufferoverflow? How am I supposed to solidify this code? Do I need to limit the length of the string or something else?

Cheers and thanks!

+3

c variables string security printf

lightsaber 21 jan. 13 at 10:37

source to share

4 answers

This is UNSAFE because it can lead to Format String Attack

+6

Davide Berra 21 jan. At 10:45 am

source to share

Well, the first argument to printf is a format string. Thus, the calling function can pass:

foo("%d")

and then it printf

will look for an integer that is not there and cause undefined behavior. One possible fix for your function:

printf("%s", var);

which would have been printf

interpreted var

as a regular string (not a format).

0

James McLaughlin 21 jan. 13 at 10:43

source to share

Printf has the following signature:

int printf(
   const char *format [,
   argument]... 
);

If the user enters format characters like% s all sorts of bad things will happen.

Use puts if you just want to output a string.

0

frast 21 jan. 13 at 10:44

source to share

RichieHindle · Accepted Answer · 2013-01-21T10:42:17+0000

You must use:

printf("%s", var);

instead of this. The way you have it, I could enter %s

as my input, and printf

- read a random chunk of memory as it was looking for a string to print. This can cause any unexpected behavior.

Safe handling of string variables

More articles: