c array - warning: format not a string literal

Question

I'm attempting to learn C and already I've run into an issue. I assume its trivial but I need to know it. I have written:

#include <stdio.h>
#include <string.h>

int main() 
{
    char str_a[20];

    strcpy(str_a, "Hello, world!\n");
    printf(str_a);
}

Once I attempt to compile it with: gcc -g -o char_array2 char_array2.c I receive an error saying:

char_array2.c: In function ‘main’:
char_array2.c:9:2: warning: format not a string literal and no format arguments [-Wformat-security]

Can anyone help please?

Answer 1

When using printf, the format string is better as a string literal than a variable:

printf("%s", str_a);

Answer 2

Just to add something to other answers, you better do this because a (long?) time ago people wrote printf like that and hackers found a way to read from and write to the stack, more here.
For example, a simple program like this:

blackbear@blackbear-laptop:~$ cat format_vul.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(int argc, char *argv[])
{
    char text[1024];
    static int test_var = -1;

    if(argc < 2) {
        printf("Use: %s <input>\n", argv[0]);
        exit(-1);
    }

    strcpy(text, argv[1]);

    printf("The correct way:\n");
    printf("%s", text);

    printf("\nThe wrong way:\n");
    printf(text);

    printf("\n[*]: test_var @ %8p = %d ( 0x%x )\n", &test_var, test_var, test_var);
}
blackbear@blackbear-laptop:~$ ./format_vul AAAA
The correct way:
AAAA
The wrong way:
AAAA
[*]: test_var @ 0x804a024 = -1 ( 0xffffffff )

Can be used to change test_var's value from 0xffffff to something else, like 0xaabbccdd:

blackbear@blackbear-laptop:~$ ./format_vul $(printf "\x24\xa0\x04\x08JUNK\x2
5\xa0\x04\x08JUNK\x26\xa0\x04\x08JUNK\x27\xa0\x04\x08").%8x.%8x.%8x.%8x.%8x.
%8x.%8x.%8x.%8x.%110x.%n%239x%n%239x%n%239x%n
The correct way:
$�JUNK%�JUNK&�JUNK'�.%8x.%8x.%8x.%8x.%8x.%8x.%8x.%8x.%8x.%110x.%n%239x%n%239
x%n%239x%n
The wrong way:
$�JUNK%�JUNK&�JUNK'�.bfffefec.  154d7c.  155d7c.  155d7c.      f0.      f0.b
ffff4a4.       4.       4.                                                  
                                                     174.                   


                                                50415243                    


                                               50415243                     


                                              50415243
[*]: test_var @ 0x804a024 = -1430532899 ( 0xaabbccdd )

Answer 3

The warning is caused by the compiler wanting the first argument of printf to be a string literal. It wants you to write this:

printf("%s\n", str_a);

This is because the first parameter of printf is the format string. The format arguments are then passed after that.

_{Note: You can in fact use a variable as a format string, but you probably shouldn't do that. That's why the compiler issues a warning and not an error.}

Answer 4

printf() expects it's format to be a string literal, not a dynamically created string. To fix, try this:

printf("%s", str_a); // %s denotes a string

Or use puts

puts(str_a);

Answer 5

Actually, by writing :

printf(str_a);

You're helping malicious users doing a format string attack. Indeed, they can actually write in the input strings like :

%x%x%x

Without passing the argument after this formats, if your stack is not protected, users with this strings can read in your memory due to the functioning of printf(). I prefer not giving to much details myself, being not an expert about format string attack, but here are some resources that are more detailed !

OWASP Wikipedia

Answer 6

Please read the warning 'no format arguments' - i.e. no % in the string.

Try printf("%s", str_a);

Answer 7

The error is coming from printf(str_a);. Your code should be printf("%s",str_a); take a look at the following link for more info on printf. http://www.cprogramming.com/tutorial/printf-format-strings.html