Reputation:
Format string attack, difference between %_$d and %d
I'm currently getting into binary exploitation, so far so good.
The only thing that I don't really understand is the difference between %4$d and %4d, for example. I was looking at this guide:
http://www.kroosec.com/2012/12/protostar-format2.html
and, on the last line, 'minimum field width' is mentioned while %60d is used. Is this related to my question? When should one use %$d and when %d?
Upvotes: 0
Views: 157
Answers (1)
Reputation: 112
The dollar sign inside a format string indicates a position of the variable used in printf. In this way, you may for example have only 1 parameter to the function, but use it 10 times in your format string, or with more parameters, in a different order. Depending on the programming language, you may or may not use mixed $ formatting.
Upvotes: 2
Related Questions
- format string vulnerability - printf
- C - The %x format specifier
- Why are the outputs of this C code different when formatting with %c and %d
- Difference between %d and %p printf format string directives in c language?
- How to use Format String Attack
- Format String Attack?
- Format string attack in printf
- Format String Attack in C
- Format String vulnerability
- Is %dn a format string?