Home/ Questions/Q 7719015
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T03:18:30+00:00

Here is my code: void subroutine(const char *message) { printf(message); } And here is

  • 0

Here is my code:

void subroutine(const char *message) { printf(message); }

And here is the error I get:

Error: In function ' ': warning: format not a string literal and no format arguements [-Wformat-security]

What is the error here? I can’t solve it.

Any suggestions?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You should use

    printf("%s", message);

    Longer explanation:

    printf treats its first argument as format specifier. If you are lucky and the message doesn’t contain %s or other substrings special for printf, the message will be printed “as is”.

    But if the message contains something like that, your program will try to interpret other arguments to printf as the parameters. As there are no actual arguments, it will, for example, consider some arbitrary memory location as a pointer, and try to dereference it. This would in the best case lead to a crash; in the worst case, this may leak some sensitive data.

    (printf can even overwrite some memory if %n is encountered in the format string.)

    • 0