Format String




Description: The C language provides the sprintf(format, arguments) function. The format is a string that can contain special sequences such as '%s', which are replaced by the arguments that follow. If the function is called with fewer arguments than the format requires, for instance sprintf("%s"), it uses data beyond the arguments that were passed. This can cause a buffer overflow and has been widely used in exploits. Other functions, printf() for instance, behave like sprintf().
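The mismatch described above can be checked before a format string is trusted. The following is an added example, not part of the original glossary entry: it counts the arguments a format string would consume and shows the hardened call that passes untrusted text as data for a fixed "%s". The names count_format_args and format_untrusted and the sample string are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Count the arguments a printf-style format string would consume.
 * Handles "%%", flags, '*' width/precision and length modifiers. */
int count_format_args(const char *fmt)
{
    int n = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')
            continue;                              /* literal percent */
        while (*p && strchr("-+ #0", *p)) p++;     /* flags */
        if (*p == '*') { n++; p++; }               /* width from an argument */
        else while (*p >= '0' && *p <= '9') p++;
        if (*p == '.') {                           /* precision */
            p++;
            if (*p == '*') { n++; p++; }
            else while (*p >= '0' && *p <= '9') p++;
        }
        while (*p && strchr("hlLjzt", *p)) p++;    /* length modifiers */
        if (*p == '\0')
            break;                                 /* truncated directive */
        n++;                                       /* the conversion itself */
    }
    return n;
}

/* Hardened call: untrusted text is data for a fixed "%s", never the format. */
int format_untrusted(char *out, size_t outlen, const char *untrusted)
{
    return snprintf(out, outlen, "%s", untrusted);
}

int main(void)
{
    /* Constructed sample input standing in for attacker-controlled text. */
    const char *untrusted = "name=%s id=%x";
    char out[64];

    /* A call such as sprintf(out, untrusted) would supply 0 arguments. */
    printf("directives needing arguments: %d, supplied: 0\n",
           count_format_args(untrusted));
    format_untrusted(out, sizeof out, untrusted);
    printf("hardened output: %s\n", out);
    return 0;
}
```

Compiling with GCC's -Wformat -Wformat-security flags reports calls where the format argument is not a string literal.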


© 2003-2007 NexantiS Corporation (www.securescout.com)
SecureScout is a trademark of NexantiS
All Rights Reserved
All product names referenced herein are trademarks of their respective companies
