FMTCHECK(3) BSD Library Functions Manual FMTCHECK(3)
fmtcheck -- sanitizes user-supplied printf(3)-style format string
Standard C Library (libc, -lc)
const char *
fmtcheck(const char *fmt_suspect, const char *fmt_default);
The fmtcheck function scans fmt_suspect and fmt_default to determine if fmt_suspect will
consume the same argument types as fmt_default and to ensure that fmt_suspect is a valid
The printf(3) family of functions can not verify the types of arguments that they are passed
at run-time. In some cases, like catgets(3), it is useful or necessary to use a user-sup-
plied format string with no guarantee that the format string matches the specified parame-
The fmtcheck function was designed to be used in these cases, as in:
printf(fmtcheck(user_format, standard_format), arg1, arg2);
In the check, field widths, fillers, precisions, etc. are ignored (unless the field width or
precision is an asterisk '*' instead of a digit string). Also, any text other than the for-
mat specifiers is completely ignored.
Note that the formats may be quite different as long as they accept the same parameters.
For example, "%p %o %30s %#llx %-10.*e %n" is compatible with "This number %lu %d%% and
string %s has %qd numbers and %.*g floats (%n)." However, "%o" is not equivalent to "%lx"
because the first requires an integer and the second requires a long.
If fmt_suspect is a valid format and consumes the same argument types as fmt_default, then
the fmtcheck function will return fmt_suspect. Otherwise, it will return fmt_default.
BSD October 17, 2000 BSD