Any C programmer who’s been working for more than a week has encountered crashes that result from calling printf with more format specifiers than actual arguments, e.g.:
printf("Gonna %s and %s, %s!", "crash", "burn");
However, are there any similar bad things that can happen when you pass too many arguments to printf?
printf("Gonna %s and %s!", "crash", "burn", "dude");
My knowledge of x86/x64 assembly leads me to believe that this is harmless, though I’m not convinced that there’s not some edge condition I’m missing, and I have no idea about other architectures. Is this condition guaranteed to be harmless, or is there a potentially crash-inducing pitfall here, too?
You probably know the prototype for the printf function as something like this
A more complete version of that would actually be
The
__cdecldefines the “calling convention” which, along with other things, describes how arguments are handled. In the this case it means that args are pushed onto the stack and that the stack is cleaned by the function making the call.One alternative to
_cdeclis__stdcall, there are others. With__stdcallthe convention is that arguments are pushed onto the stack and cleaned by the function that is called. However, as far as I know, it isn’t possible for a__stdcallfunction to accept a variable number of arguments. That makes sense since it wouldn’t know how much stack to clean.The long and the short of it is that in the case of
__cdeclfunctions its safe to pass however many args you want, since the cleanup is performed in the code makeing the call. If you were to somehow pass too many arguments to a__stdcallfunction it result in a corruption of the stack. One example of where this could happen is if you had the wrong prototype.More information on calling conventions can be found on Wikipedia here.