Meske Moday
I teach beginning C, and I've never run into this issue before. I have
a student who consistently uses the printf and scanf statements as
shown below. By all rights, I would have bet his programs wouldn't
compile. But they do...
Weird usage of printf:
printf( n, "^3 = ", cubed, "\n" ); /* n is an int */
and scanf:
scanf( "%d", &input1, &input2, &input3 ); /* variables are int's */
Compiling his code with "gcc -pedantic -ansi -Wall" doesn't generate
ANY errors. Checking it with splint generates the following message:
prog-2-1.c:23:12: Function printf expects arg 1 to be char * gets int: n
Types are incompatible.
prog-2-1.c:23:5: Format string parameter to printf is not a
compile-time constant: n
Format parameter is not known at compile-time. This can lead to security
vulnerabilities because the arguments cannot be type checked.
This same student uses scanf as shown above, with a single conversion
specification with three arguments. According to the scanf specification
that I'm looking at (Linux-> man 3 scanf), scanf will evaluate the
excess pointer arguments, but otherwise ignores them. But it works! gcc
compiles again, without error. splint reports the following:
prog-2-3.c:21:5: Format string for scanf has 1 arg, given 3
Types are incompatible.
Any ideas? I want to tell the student this isn't correct, but I can't
seem to justify my gut instinct with any examples, since no one does
this! LOL And since his programs all compile cleanly and work properly,
I need something a little more concrete than my gut instinct.
Thanks for any thought comments.
Kevin
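
Added example, not part of the original post: it shows what a single-"%d" call with three pointer arguments actually stores, next to the three-conversion form and the one-format-string form of the printf line. It uses sscanf and snprintf on a constructed input string so it runs without typing anything; scan_three, format_cube and UNSET are names made up for this illustration.

```c
#include <stdio.h>

#define UNSET (-1)   /* sentinel: marks a variable sscanf never wrote to */

/* Run sscanf with three int pointers, as in the student's call, under the
 * given format. Returns sscanf's result: the number of items assigned.
 * The format is a parameter only so both formats go through the same call. */
int scan_three(const char *input, const char *fmt, int out[3])
{
    out[0] = out[1] = out[2] = UNSET;
    return sscanf(input, fmt, &out[0], &out[1], &out[2]);
}

/* The form printf expects: one format string, one conversion per value.
 * Returns the number of characters written to buf (snprintf's result). */
int format_cube(char *buf, size_t size, int n)
{
    return snprintf(buf, size, "%d^3 = %d\n", n, n * n * n);
}

int main(void)
{
    const char *typed = "4 5 6";   /* constructed sample input */
    int v[3];
    char line[32];

    /* One conversion: only v[0] is written, the other two keep UNSET. */
    int got = scan_three(typed, "%d", v);
    printf("\"%%d\"       assigned %d: %d %d %d\n", got, v[0], v[1], v[2]);

    /* Three conversions: all three are written. */
    got = scan_three(typed, "%d %d %d", v);
    printf("\"%%d %%d %%d\" assigned %d: %d %d %d\n", got, v[0], v[1], v[2]);

    format_cube(line, sizeof line, 3);
    fputs(line, stdout);
    return 0;
}
```

Checking the return value of scanf against the number of variables expected catches the one-conversion case at run time, even when the compiler says nothing.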