Format to argument count mismatch

The number of format specifiers does not match the number of arguments.

Excess arguments are ignored, which could lead to loss of data. Excess format specifiers use excess data on the stack, leading to undefined results. There can be security implications, because using excessive stack space can lead to memory corruption or can expose confidential data.

ID   Observation       Description

1    Format mismatch   Place where the format string was used

Example

          
#include <stdio.h>

extern int x,y;

int main(int argc, char **argv)
{
    printf("%s"); // too few arguments: uses a random word on the stack as a string
    printf("%-2d", x, y); // too many arguments (y is ignored)
}
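
The check behind this diagnostic can be sketched as a small format-string parser. This is an added example, not code from the original page or from the analysis tool it documents. The names format_arg_count, check_format and fmt_result are hypothetical, and only the standard C conversions are recognized.

```c
#include <stdio.h>
#include <string.h>

enum fmt_result { FMT_OK, FMT_TOO_FEW, FMT_TOO_MANY, FMT_MALFORMED };

/* Skip a width or precision; '*' means the value comes from an int argument. */
static const char *skip_num(const char *p, int *n)
{
    if (*p == '*') { (*n)++; return p + 1; }
    while (*p >= '0' && *p <= '9') p++;
    return p;
}

/* Count the arguments a printf-style format consumes, or -1 if a conversion
 * is truncated or unknown. POSIX positional forms ("%1$d") are not handled. */
int format_arg_count(const char *fmt)
{
    int n = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        if (*++p == '%') continue;                    /* "%%": no argument */
        while (*p && strchr("-+ #0", *p)) p++;        /* flags */
        p = skip_num(p, &n);                          /* width */
        if (*p == '.') p = skip_num(p + 1, &n);       /* precision */
        while (*p && strchr("hlLjzt", *p)) p++;       /* length modifiers */
        if (!*p || !strchr("diouxXeEfFgGaAcspn", *p)) return -1;
        n++;                                          /* the conversion itself */
    }
    return n;
}

/* Compare the format's needs with the number of arguments actually supplied. */
enum fmt_result check_format(const char *fmt, int supplied)
{
    int needed = format_arg_count(fmt);
    if (needed < 0) return FMT_MALFORMED;
    if (supplied < needed) return FMT_TOO_FEW;   /* would read stray stack data */
    return supplied > needed ? FMT_TOO_MANY : FMT_OK;
}

int main(void)
{
    /* The two calls from the example above, plus a matching one. */
    printf("%d\n", check_format("%s", 0));          /* FMT_TOO_FEW */
    printf("%d\n", check_format("%-2d", 2));        /* FMT_TOO_MANY */
    printf("%d\n", check_format("%*.*f %%", 3));    /* FMT_OK */
    return 0;
}
```

GCC and Clang report the same mismatch at compile time with -Wformat when the format is a string literal.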
        

Copyright © 2010, Intel Corporation. All rights reserved.