Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery

Re^5: use of print f and sprint f

by !1 (Hermit)
on Nov 10, 2004 at 16:44 UTC ( #406714=note: print w/replies, xml ) Need Help??

in reply to Re^4: use of print f and sprint f
in thread use of print f and sprint f

I'm sorry, but I don't understand what your point could possibly be. The documentation states that the first parameter to printf is expected to be a string with placeholders that begin with % and that you should use %% when you want an explicit %. Your assertion that it should print %%%% does not follow from anything in the documentation. Perhaps I'm missing something so could you please explain yourself a little better?

Replies are listed 'Best First'.
Re^6: use of print f and sprint f
by ikegami (Pope) on Nov 10, 2004 at 17:04 UTC

    We were talking about using:
    printf("$l, $j, %.3f ...\n", $Hx, ...);
    rather than
    printf("%s, %s, %.3f ...\n", $l, $j, $Hx, ...);
    and the question was whether the first one was unsafe.

    My snippet demonstrated that escapes inside $l do get processed by printf (which to me is obvious) and therefore printf is subject to coersion by the user ("vulnerable") if the first method is used. It's not as vulnerable as C version, but it's still dangerous.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://406714]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (3)
As of 2021-07-30 16:21 GMT
Find Nodes?
    Voting Booth?

    No recent polls found