What is the use of the n format specifier in C

Question

What is the use of the  n format specifier in C  Could anyone explain with an example

User · Answer

I haven t really seen many practical real world uses of the  n specifier  but I remember that it was used in oldschool printf vulnerabilities with a format string attack quite a while back    Something that went like this  void authorizeUser  char   username  char   password           code here setting authorized to false        printf username        if   authorized              giveControl username             where a malicious user could take advantage of the username parameter getting passed into printf as the format string and use a combination of  d   c or w e to go through the call stack and then modify the variable authorized to a true value   Yeah it s an esoteric use  but always useful to know when writing a daemon to avoid security holes   D

User · Answer

Nothing printed  The argument must be a pointer to a signed int  where the number of characters written so far is stored    include  lt stdio h gt   int main       int val     printf  blah  n blah n    amp val      printf  val    d n   val      return 0       The previous code prints   blah  blah val   5

User · Answer

So far all the answers are about that  n does  but not why anyone would want it in the first place  I find it s somewhat useful with sprintf snprintf  when you might need to later break up or modify the resulting string  since the value stored is an array index into the resulting string  This application is a lot more useful  however  with sscanf  especially since functions in the scanf family don t return the number of chars processed but the number of fields   Another really hackish use is getting a pseudo-log10 for free at the same time while printing a number as part of another operation

User · Answer

The argument associated with the  n will be treated as an int  and is filled with the number of total characters printed at that point in the printf

User · Answer

Most of these answers explain what  n does  which is to print nothing and to write the number of characters printed thus far to an int variable   but so far no one has really given an example of what use it has   Here is one   int n  printf   s   nFoo n    hello    amp n   printf    sBar n   n         will print   hello  Foo        Bar   with Foo and Bar aligned   It s trivial to do that without using  n for this particular example  and in general one always could break up that first printf call   int n   printf   s      hello    printf  Foo n    printf    sBar n   n         Whether the slightly added convenience is worth using something esoteric like  n  and possibly introducing errors  is open to debate

User · Answer

It will store value of number of characters printed so far in that printf   function   Example   int a  printf  Hello World  n  n    amp a   printf  Characters printed so far    d  a     The output of this program will be  Hello World Characters printed so far   12

User · Answer

From here we see that it stores the number of characters printed so far      n   The argument shall be a pointer to an integer into which is written the number of bytes written to the output so far by this call to one of the fprintf   functions  No argument is converted    An example usage would be   int n chars   0  printf  Hello  World n    amp n chars     n chars would then have a value of 12

User · Answer

It doesn t print anything   It is used to figure out how many characters got printed before  n appeared in the format string  and output that to the provided int    include  lt stdio h gt   int main int argc  char  argv          int resultOfNSpecifier   0       set printf count output 1      Required in visual studio        printf  Some format string n n    amp resultOfNSpecifier       printf  Count of chars before the   n   d n   resultOfNSpecifier       return 0       Documentation for  set printf count output

User · Answer

n is C99  works not with VC

User · Answer

Those who want to use  n Format Specifier may want to look at this  Do Not Use the  quot  n quot  Format String Specifier Abstract Careless use of  quot  n quot  format strings can introduce a vulnerability  Description There are many kinds of vulnerability that can be caused by misusing format strings  Most of these are covered elsewhere  but this document covers one specific kind of format string vulnerability that is entirely unique for format strings  Documents in the public are inconsistent in coverage of these vulnerabilities  In C  use of the  quot  n quot  format specification in printf   and sprintf   type functions can change memory values  Inappropriate design implementation of these formats can lead to a vulnerability generated by changes in memory content  Many format vulnerabilities  particularly those with specifiers other than  quot  n quot   lead to traditional failures such as segmentation fault  The  quot  n quot  specifier has generated more damaging vulnerabilities  The  quot  n quot  vulnerabilities may have secondary impacts  since they can also be a significant consumer of computing and networking resources because large guantities of data may have to be transferred to generate the desired pointer value for the exploit  Avoid using the  quot  n quot  format specifier  Use other means to accomplish your purpose  Source  link

User · Answer

The other day I found myself in a situation where  n would nicely solve my problem   Unlike my earlier answer  in this case  I cannot devise a good alternative   I have a GUI control that displays some specified text   This control can display part of that text in bold  or in italics  or underlined  etc    and I can specify which part by specifying starting and ending character indices   In my case  I am generating the text to the control with snprintf  and I d like one of the substitutions to be made bold   Finding the starting and ending indices to this substitution is non-trivial because    The string contains multiple substitutions  and one of the substitutions is arbitrary  user-specified text   This means that doing a textual search for the substitution I care about is potentially ambiguous  The format string might be localized  and it might use the   POSIX extension for positional format specifiers   Therefore searching the original format string for the format specifiers themselves is non-trivial  The localization aspect also means that I cannot easily break up the format string into multiple calls to snprintf    Therefore the most straightforward way to find the indices around a particular substitution would be to do   char buf 256   int start  int end   snprintf buf  sizeof buf            blah blah  s  f yada yada  n s n yakety yak            someUserSpecifiedString           someFloat            amp start  boldString   amp end   control- gt set text buf   control- gt set bold start  end

[c] What is the use of the %n format specifier in C?

Examples related to c

Examples related to printf