A dead machine with a printf function

Today, my colleagues have solved a problem. I have made some suggestions and I have come up with them.

We are familiar with printf function numbers, including % s, % d, % P, % u, and so on. You can also directly printf ("XX string"), or:

Char STR [] = "xxxxxx"; printf (STR );

If this happens, it will fail:

Printf ("str = % s \ n ");

This is because the data volume is not enough.

But have you been involved in the following cases?

Char STR [] = "im a good man % s \ n"; printf (STR );

This generation can pass and run,... It seems a bit problematic.

It is easy to see that printf will find a % s when parsing the string, so it will probably replace % s with a later digit, but which of the following vertex numbers?

Printf functions, but I don't know them. It assumes that they exist, so we act as "Examples". on x86, it will find them in the heap memory, in this case, we only counted one data entry in STR, and the CPU looked up. It thought that the data below STR was the data entry, therefore, we can use it without any hesitation... However, it may be something else, such as the IP address and EBP in the queue. If the value it obtains is an internal memory that cannot be accessed, the program will be finished. On PPC, the CPU will use the R4 register, and the sentiment is the same. Who knows what the R4 memory is!

 

In this case, no programmers will answer this question. However, if our printf contains changes, we have to take more tests. For example, if we want to extract a string or a piece of ciphertext that uses ciphertext, the content in it may be uncontrollable, there may be things like % s and % d. Limitation or clarification is required.

 

Now I think about why I didn't want to use printf directly when HW data was used.