I have a list of numbers and want to give my users the option to enter a printf-style format string to specify how the numbers should be output.
How can I validate the user-supplied format string against my parameter list? Malformed input should not crash the program, and I want to avoid any format string attacks.
I do not care if the validation handles just the format options specified in POSIX or the compiler specific superset. Is there any library call to do this, or will I have to write it myself?
Clarification: What I need is something like this:
float var1, var2, var3, var4;
// var1 .. var2 are given by the program
const char * userSupplied = getFormatStringFromUser();
if( isValidFormat( userSupplied, "float", "float", "float", "float" ) )
printf( userSupplied, var1, var2, var3, var4 );
else
printf( "The format you gave was invalid!\n" );
In this example, I know that I have four floats. I want to allow any format that only references zero to four floats.
So the following format strings should be allowed by isValidFormat():
While the following should be rejected:
fmtcheck (https://linux.die.net/man/3/fmtcheck , part of libbsd on Linux, or available on BSDs) does this, though the man page mentions that it does not support all extensions that printf does.
According to https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224143 , fmtcheck ignores unused arguments, which may or may not be what you want.