• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Problem mac os X version 10.6 when using sprinft
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Problem mac os X version 10.6 when using sprinft

  • Subject: Re: Problem mac os X version 10.6 when using sprinft
  • From: "Sean McBride" <email@hidden>
  • Date: Fri, 7 May 2010 19:27:57 -0400
  • Organization: Rogue Research Inc.
On Fri, 7 May 2010 21:50:46 +0100, Alastair Houghton said:

>On 7 May 2010, at 21:16, Sean McBride wrote:
>
>> Also, you should never use sprintf.  Use snprintf instead.
>
>snprintf() is safer, certainly, but "never" is a little strong for my
>taste.  Like goto or longjmp(), it depends who is using it and what for.

Well, yes, there's an exception to every rule (even this one). :)

But really, sprintf is more evil than goto, especially since snprintf
can be easily substituted.  Using sprintf is risking exploitable buffer
overflows, a common security problem, especially if the string is user-
input.  See also:
<http://developer.apple.com/mac/library/documentation/Security/
Conceptual/SecureCodingGuide/Articles/BufferOverflows.html#//apple_ref/
doc/uid/TP40002577-SW10>

>*Anyway*, this is cocoa-dev, and that being the case, this entire
>question is off-topic.  So to bring it back *on* topic, a better
>alternative would be to use NSString's -stringWithFormat: method, which
>is safer than sprintf() or snprintf(), and means you get an NSString
>object which is a much richer type than a plain C string.  -
>stringWithFormat: also supports pretty much the same set of specifiers
>that printf() does, with the addition of %@, of course.
>
>Oh, and there's also NSNumberFormatter if you want to format numbers in
>a more sophisticated manner.

Agreed!

--
____________________________________________________________
Sean McBride, B. Eng                 email@hidden
Rogue Research                        www.rogue-research.com
Mac Software Developer              Montréal, Québec, Canada


_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • RE: Problem mac os X version 10.6 when using sprinft
      • From: paul morel <email@hidden>
References: 
 >Problem mac os X version 10.6 when using sprinft (From: paul morel <email@hidden>)
 >Re: Problem mac os X version 10.6 when using sprinft (From: Fritz Anderson <email@hidden>)
 >Re: Problem mac os X version 10.6 when using sprinft (From: "Sean McBride" <email@hidden>)
 >Re: Problem mac os X version 10.6 when using sprinft (From: Alastair Houghton <email@hidden>)

  • Prev by Date: Re: Synthesized ivar for std::tr1::shared_ptr<MyClass>?
  • Next by Date: Re: Synthesized ivar for std::tr1::shared_ptr<MyClass>?
  • Previous by thread: Re: Problem mac os X version 10.6 when using sprinft
  • Next by thread: RE: Problem mac os X version 10.6 when using sprinft
  • Index(es):
    • Date
    • Thread