printf :这安全吗? [英] printf : Is this safe?

问题描述

我只是想知道这个表达式是否安全:

I am just wondering if this expression is safe :

int main (void)
{
  char my_tab[256];

  memset(my_tab,0x61,sizeof(my_tab));

  printf("Is it safe ? : %.256s",my_tab); /* is it safe ? */
}

推荐答案

是的，您将打印出 256 个字符，仅此而已.

Yes, you will print out 256 characters, and nothing more.

来自 C11 标准 7.21.6.p4:

From the C11-Standard 7.21.6. p4:

一个可选的精度，给出最少位数出现对于 d、i、o、u、x 和 X 转换，位数出现在 a、A、e、E、f 和 F 的小数点字符之后转换，g 和 G 的最大有效位数转换， 或要为 s 写入的最大字节数 精度采用句点 (.) 后跟的形式通过星号 *(稍后描述)或可选的小数整数;如果只指定了时间段，则精度为零.如果精度与任何其他转换说明符一起出现，则行为未定义.

An optional precision that gives the minimum number of digits to appear for the d, i, o, u, x, and X conversions, the number of digits to appear after the decimal-point character for a, A, e, E, f, and F conversions, the maximum number of significant digits for the g and G conversions, or the maximum number of bytes to be written for s conversions. The precision takes the form of a period (.) followed either by an asterisk * (described later) or by an optional decimal integer; if only the period is specified, the precision is taken as zero. If a precision appears with any other conversion specifier, the behavior is undefined.

7.21.6.1.p8:

7.21.6.1. p8:

:如果不存在 l 长度修饰符，则参数应为指向初始值的指针字符类型数组的元素.数组中的字符是写到(但不包括)终止空字符.如果指定精度，不超过写入的字节数.如果精度未指定或大于数组的大小，数组应包含空字符.

s : If no l length modifier is present, the argument shall be a pointer to the initial element of an array of character type. Characters from the array are written up to (but not including) the terminating null character. If the precision is specified, no more than that many bytes are written. If the precision is not specified or is greater than the size of the array, the array shall contain a null character.

这篇关于printf :这安全吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！