警告：格式不是字符串文字，没有格式参数 [英] warning: format not a string literal and no format arguments

问题描述

我要删除我得到该线路上code的，

警告

  FILE * FIL;
字符*小鬼;
（......）
fprintf中（FIL，IMP）;
 

事情是，当我做到这一点写在正是我想要的文件，但如果我申请格式％S没有，像这样

  fprintf中（FIL，％S，IMP）;
 

解决方案

此警告，告诉您它无法验证格式字符串参数的printf风格功能（具有printf，fprintf中...等）的GCC的方式。当编译器不能手动不期而遇的字符串，并确保当你在运行时打算一切都会生成此警告。让我们看几个例子。

案例1.此字符串可以在编译时进行验证，编译器将允许它没有警告：

 的printf（这个字符串没有格式）;
 

案例2：对于这种情况，编译器可以检测到你有一个格式说明，并提出一个不同的警告。在我的机器它说：警告：格式参数太少。

  //这将极有可能崩溃机器
的printf（不是一个安全的字符串为％s）;
 

案例3.现在这样比较你的情况。您正在运行时生成的字符串，并试图将其打印出来。你得到的警告编译器警告您，有可能是在字符串中的格式说明。说的如坏SDATA％。在这种情况下，运行时将尝试访问一个不存在的参数％s的匹配。更糟的是，这可能是试图利用你的程序的使用者（使其读取，是不是安全的数据读取）。

 字符海峡[200];
scanf函数（％S，STR）
的printf（STR）
 

I want to remove the warning that i get on this line of the code,

FILE *fil;
char *imp;
(...)
fprintf(fil,imp);

the thing is when i do this it writes on the file exactly what i want, but if i apply the format %s it doesn't, like this

fprintf(fil, "%s", imp);

解决方案

This warning is gcc's way of telling you that it cannot verify the format string argument to the printf style function (printf, fprintf... etc). This warning is generated when the compiler can't manually peek into the string and ensure that everything will go as you intend during runtime. Lets look at a couple of examples.

Case 1. This string can be verified at compile time and the compiler will allow it without warning:

printf("This string has no format");

Case 2: For this case, the compiler can detect that you have a format specifier and will raise a different warning. On my machine it said "warning: too few arguments for format".

// This will most probably crash your machine
printf("Not a safe string to %s"); 

Case 3. Now this is somewhat your case. You are taking a string generated at runtime and trying to print it. The warning you are getting is the compiler warning you that there could be a format specifier in the string. Say for eg "bad%sdata". In this case, the runtime will try to access a non-existent argument to match the %s. Even worse, this could be a user trying to exploit your program (causing it to read data that is not safe to read).

char str[200];
scanf("%s", str)
printf(str)

这篇关于警告：格式不是字符串文字，没有格式参数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！