iphone - 代码 : Format string is not a string literal 的问题

Question

这个问题在这里已经有了答案:

关闭 11年前.

Possible Duplicate:
SnowLeopard Xcode warning: “format not a string literal and no format arguments”

我在这行代码中遇到以下问题。

“格式字符串不是字符串文字(可能不安全)”

NSLog([NSString stringWithFormat:@"%@", entered]);

有什么建议吗？

Answer 1

编译器希望我们对格式字符串(NSLog 的第一个参数)使用 NSString 常量，因为它可以防止可能违反安全性的众所周知的漏洞利用。因此，例如，您可以按如下方式更改您发布的代码以使编译器满意:

NSLog(@"%@", [NSString stringWithFormat:@"%@", entered]);

编辑

当然，上面可以(并且应该)简单地写成如下:

NSLog(@"%@", entered);

安全漏洞的性质

Uncontrolled format string[1] is a type of software vulnerability, discovered around 1999, that can be used in security exploits. Previously thought harmless, format string exploits can be used to crash a program or to execute harmful code. The problem stems from the use of unchecked user input as the format string parameter in certain C functions that perform formatting, such as printf(). A malicious user may use the %s and %x format tokens, among others, to print data from the stack or possibly other locations in memory. One may also write arbitrary data to arbitrary locations using the %n format token, which commands printf() and similar functions to write the number of bytes formatted to an address stored on the stack.

A typical exploit uses a combination of these techniques to force a program to overwrite the address of a library function or the return address on the stack with a pointer to some malicious shellcode. The padding parameters to format specifiers are used to control the number of bytes output and the %x token is used to pop bytes from the stack until the beginning of the format string itself is reached. The start of the format string is crafted to contain the address that the %n format token can then overwrite with the address of the malicious code to execute.

来源:维基百科Uncontrolled Format String

[1]: http://cwe.mitre.org/data/definitions/134.html “CWE-134:不受控制的格式字符串”。常见弱点枚举。 MITRE。