Issue With Code: Format string is not a string literal

Question

Possible Duplicate:
SnowLeopard Xcode warning: “format not a string literal and no format arguments”

I am getting the following issue for this line of code.

"Format string is not a string literal (potentially insecure)"

NSLog([NSString stringWithFormat:@"%@", entered]);

Any suggestions?

Hey Faisal, Actually this is because you have not written the `@"%@"`, string specifier under the NSLog Statement. Just check out my answer. Hope that helps you. :) — Parth Bhatt, Mar 25 '11 at 04:57
@Parth Old thread, good help, but why not as an answer already? — Neeku, Feb 27 '13 at 11:39

jlehr · Accepted Answer · 2014-01-24T17:56:47.983

The compiler wants us to use an NSString constant for the format string (the first argument to NSLog) because it prevents a fairly well-known exploit that could potentially violate security. So for example, you could change the code you posted as follows to keep the compiler happy:

NSLog(@"%@", [NSString stringWithFormat:@"%@", entered]);

EDIT

And of course, the above could (and should) simply be written as follows:

NSLog(@"%@", entered);

Nature of Security Exploits

Uncontrolled format string[1] is a type of software vulnerability, discovered around 1999, that can be used in security exploits. Previously thought harmless, format string exploits can be used to crash a program or to execute harmful code. The problem stems from the use of unchecked user input as the format string parameter in certain C functions that perform formatting, such as printf(). A malicious user may use the %s and %x format tokens, among others, to print data from the stack or possibly other locations in memory. One may also write arbitrary data to arbitrary locations using the %n format token, which commands printf() and similar functions to write the number of bytes formatted to an address stored on the stack.

A typical exploit uses a combination of these techniques to force a program to overwrite the address of a library function or the return address on the stack with a pointer to some malicious shellcode. The padding parameters to format specifiers are used to control the number of bytes output and the %x token is used to pop bytes from the stack until the beginning of the format string itself is reached. The start of the format string is crafted to contain the address that the %n format token can then overwrite with the address of the malicious code to execute.

Source: Wikipedia Uncontrolled Format String

[1]: http://cwe.mitre.org/data/definitions/134.html "CWE-134: Uncontrolled Format String". Common Weakness Enumeration. MITRE.

+1 for how does this solution prevent "the use of unchecked user input as the format string parameter in certain C functions that perform formatting" — John K, Jun 02 '17 at 22:35

score 31 · Answer 2 · edited May 23 '17 at 11:33

31

Here is the solution.

Warning: "format not a string literal and no format arguments"

Try with

NSLog(@"%@",entered);

because NSLog can also do formatting for you...

edited May 23 '17 at 11:33

Community

1
1

answered Mar 25 '11 at 03:50

Jhaliya - Praveen Sharma

31,697
9
72
76

2

This is a better answer than the one that was accepted. There's no need to use stringWithFormat: when NSLog() already uses a format! – Sherm Pendley Mar 25 '11 at 05:17

Parth Bhatt · Answer 3 · 2011-03-25T04:57:49.897

2

Try:

NSLog(@"%@",[NSString stringWithFormat:@"%@",entered]);

Hope this helps you. :)

edited Mar 25 '11 at 04:57

answered Mar 25 '11 at 04:45

Parth Bhatt

19,381
28
133
216

Issue With Code: Format string is not a string literal

3 Answers3

Linked

Related