andrew-d / rough-auditing-tool-for-security

Automatically exported from code.google.com/p/rough-auditing-tool-for-security
GNU General Public License v2.0

"%" PRIi64 is reported as non-constant format string #9

Open fukanchik opened 6 years ago

fukanchik commented 6 years ago
int64_t x = 123;
sprintf(buffer, "%" PRIi64, x);

produces the following warning:

Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.

PRIi64 is defined in the standard header as a constant string.
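
One way a scanner could avoid this false positive, as an added example (not RATS code and not part of the issue): treat the format argument as constant when its source text consists only of string literals and `<inttypes.h>` format macros. `is_constant_format` and its helpers are hypothetical names, and the check assumes the program does not redefine the `PRI*`/`SCN*` macros.

```c
#include <ctype.h>
#include <string.h>

/* Return a pointer just past the string literal that opens at p,
   or NULL if the literal is unterminated. */
static const char *skip_literal(const char *p)
{
    for (p++; *p; p++) {
        if (*p == '\\' && p[1]) p++;          /* skip escaped char, e.g. \" */
        else if (*p == '"') return p + 1;
    }
    return NULL;
}

/* Match the <inttypes.h> format macros: PRI or SCN, a conversion letter,
   optional LEAST/FAST, then a width (8..64), or MAX/PTR without a prefix. */
static int is_inttypes_macro(const char *id, size_t n)
{
    static const char *width[] = { "8", "16", "32", "64", "MAX", "PTR" };
    int scn = !strncmp(id, "SCN", 3), prefixed = 0;
    size_t i;
    if (n < 5 || (!scn && strncmp(id, "PRI", 3))) return 0;
    if (!strchr(scn ? "dioux" : "diouxX", id[3])) return 0;
    id += 4; n -= 4;
    if (n > 5 && !strncmp(id, "LEAST", 5)) { id += 5; n -= 5; prefixed = 1; }
    else if (n > 4 && !strncmp(id, "FAST", 4)) { id += 4; n -= 4; prefixed = 1; }
    for (i = 0; i < (prefixed ? 4u : 6u); i++)
        if (strlen(width[i]) == n && !strncmp(id, width[i], n)) return 1;
    return 0;
}

/* 1 if the format argument's source text is only string literals and
   <inttypes.h> macros (adjacent literals concatenate at compile time). */
int is_constant_format(const char *arg)
{
    int pieces = 0;
    const char *p = arg;
    for (;;) {
        while (isspace((unsigned char)*p)) p++;
        if (!*p) return pieces > 0;
        if (*p == '"') {
            if (!(p = skip_literal(p))) return 0;
        } else if (isalpha((unsigned char)*p) || *p == '_') {
            const char *s = p;
            while (isalnum((unsigned char)*p) || *p == '_') p++;
            if (!is_inttypes_macro(s, (size_t)(p - s))) return 0;
        } else return 0;
        pieces++;
    }
}
```

Any other identifier in the argument, such as a variable holding the format, still makes the check return 0, so the original warning continues to fire for genuinely non-constant format strings.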