
Confusion with sscanf_s

I am having issues with sscanf_s. Essentially, I have this line of code:

sscanf_s( line.c_str(),
          "<float_array id=\"%*s[^\"]\" count=\"%*d\">%[^<]s",
          numString);

I am feeding it this line of text:

<float_array id="Cube-mesh-positions-array" count="24">1 1 -1 1 -1 -1 -1 -0.9999998 -1    -0.9999997 1 -1 1 0.9999995 1 0.9999994 -1.000001 1 -1 -0.9999997 1 -1 1 1</float_array>

What I am trying to achieve is to read the number array written after count="24"> and pass it to another function. However, numString remains with a value of "" after being passed through the equation, therefore causing the subsequent functions to fail. If anyone could offer me insight into why this is occurring, I would be very appreciative.

A short SSCCE that I have tested has revealed that the problem lies elsewhere. I shall have to investigate this further. Sorry for wasting your time, and thank you for taking your time to try and help me.

The function sscanf_s is a Microsoft invention, intended to be "more secure" than the standard sscanf function.

As such, if you are using "%s" or "%c", it requires two parameters: one being the buffer to write the input to, and an integer specifying the available size of the buffer, so that a long input string does not result in a buffer overflow.

Unfortunately this is not quite that obvious to users of the function (like yourself), resulting in frequent misuse of the function (which somewhat reduces the "security" implied).

Link to the Microsoft docs; refer to the section "Remarks".

So what you have here is undefined behaviour, as sscanf_s attempts to read an integer from the stack where you haven't put one. You end up lucky that the memory read is apparently zero, so zero bytes are written to numString.

This should do nicely:

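// sscanf_s expects the buffer size as an unsigned int, passed right after the buffer.
// The buffer must be large enough for the whole array text, or the conversion fails.
const unsigned BUFSIZE = 256;
char numString[ BUFSIZE ];
sscanf_s( line.c_str(),
          "<float_array id=\"%*[^\"]\" count=\"%*d\">%[^<]",
          numString, BUFSIZE );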

Note that numString better actually be a char[]. Your question was initially tagged as C++; if numString is actually a std::string, be advised that you cannot use the scanf family of functions with std::string parameters.


(Sorry for the edits, got it wrong the first few times. That format string is something... ;-) )

char numString[ 256 ];
sscanf_s( line.c_str(),
          "<float_array id=\"%*[^\"]\" count=\"%*d\">%255[^<]",
          numString, 256);
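
The corrected format string from the answers, as an added example that is not part of the original posts: it uses standard sscanf with an explicit field width (%255[^<]) instead of sscanf_s so that it builds outside MSVC, checks the return value, detects truncation, and verifies the parsed values against the count attribute. The names parse_float_array, TEXT_MAX and SAMPLE_LINE are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>

#define TEXT_MAX 256  /* assumed bound on the array text, as in the answer above */

/* Constructed sample input: the line quoted in the question. */
static const char SAMPLE_LINE[] =
    "<float_array id=\"Cube-mesh-positions-array\" count=\"24\">"
    "1 1 -1 1 -1 -1 -1 -0.9999998 -1    -0.9999997 1 -1 1 0.9999995 1 "
    "0.9999994 -1.000001 1 -1 -0.9999997 1 -1 1 1</float_array>";

/* Hypothetical helper: parse one <float_array> line into out[0..cap-1].
 * Returns the number of floats stored, or -1 on any mismatch. */
int parse_float_array(const char *line, float *out, int cap)
{
    char text[TEXT_MAX];
    int declared = 0, consumed = 0, n = 0;

    /* %*[^"] skips the id, %d keeps count, %255[^<] can never write more
     * than sizeof text bytes, %n records where scanning stopped. */
    if (sscanf(line, "<float_array id=\"%*[^\"]\" count=\"%d\">%255[^<]%n",
               &declared, text, &consumed) != 2)
        return -1;                      /* format did not match */
    if (line[consumed] != '<')
        return -1;                      /* width limit hit: text truncated */
    if (declared < 0 || declared > cap)
        return -1;                      /* count does not fit caller's buffer */

    for (char *p = text, *end; ; p = end) {
        float v = strtof(p, &end);
        if (end == p) {                 /* no further number */
            while (*p == ' ' || *p == '\t') p++;
            if (*p != '\0') return -1;  /* trailing garbage */
            break;
        }
        if (n == declared) return -1;   /* more values than declared */
        out[n++] = v;
    }
    return n == declared ? n : -1;
}

int main(void)
{
    float v[32];
    int n = parse_float_array(SAMPLE_LINE, v, 32);
    printf("parsed %d floats, v[7] = %f\n", n, n > 7 ? v[7] : 0.0f);
    return n == 24 ? 0 : 1;
}
```

The `line[consumed] != '<'` check is what turns a silently truncated read into a reported failure when the array text is longer than the buffer.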
