我想用以下函数将文本保存到文件中:
void wl (char* buff[],char lp[],char mt[]) { FILE *fp; fp=fopen(lp, mt); fprintf(fp, buff); fclose (fp); }如果我通过一个简单的输入缓冲区运行它,如“abcd”....“abcd”将保存到目标文件中。
但是,如果我包含包含“%s%d ....”或其他C格式字符串的文本...它将保存错误的数据。
我想知道如何将像“ab%cd”这样的字符串保存到文件中。 我知道如果我用%%替换%,它将正确保存,但我无法为%编写正确的替换代码
I want to save text into a file with this function that:
void wl (char* buff[],char lp[],char mt[]) { FILE *fp; fp=fopen(lp, mt); fprintf(fp, buff); fclose (fp); }If I run it via a simple input buffer like "abcd" .... "abcd" will save into the destination file.
However, if I include text that contains "%s %d ...." or other C format strings ... it will save the wrong data.
I would like to know how I can save a string like "ab%cd" into a file. I know that if I replace % with %%, it will save correctly but I can't write the correct replace code for %
最满意答案
你可以做fprintf(fp, "%s", buff)或者使用同样的fputs(buff, fp) 。
您可能永远不会将任何输入用作格式化字符串 - 这可能会导致漏洞利用。
You could do fprintf(fp, "%s", buff) or use fputs(buff, fp) that does the same.
You should probably never use any input as a formatting string - this can lead to exploits.
更多推荐
发布评论