'Is it safe to use printf("%*s", len, ptr) where len is an integer and ptr is non-null terminated?

Is it safe to use printf("%*s", len, ptr) where len is an integer and ptr is non-null terminated? If not safe, what will happen in the worst case? And then how can I make it safe?

thank you

cprintf


Solution 1:[1]

No not safe at all. "%*s" only sets a minimum display width, it does not enforce input string length at all.

But assuming you actually mean "%.*s"

Yes, that would be safe.

This format of printf does not look at chars in/at ptr past the nth (index n-1)

So assuming that n holds an appropriate value there will be no access outside of the allocation unit of ptr and thus no risk of out-of-range pointer undefined behaviour.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1

Related Questions

Implicit declaration of functions srand, rand and system

Implicit declaration of functions srand, rand and system

Implicit declaration of functions srand, rand and system

hex code implementation for spawning a shell

hex code implementation for spawning a shell

hex code implementation for spawning a shell

warning: format ‘%s’ expects type ‘char *’, but argument 2 has type ‘char (*)’

Minimal implementation of sprintf or printf

warning: format ‘%s’ expects type ‘char *’, but argument 2 has type ‘char (*)’

Minimal implementation of sprintf or printf

How to hide helper functions from public API in c

VS Code C Error - Invalid Active Developer Path

In C is it faster to use the standard library or write your own function?

Finding consecutive bit string of 1 or 0

What is the simplest way of implementing bigint in C?