Edit

Share via


Warning C6064

Missing integer argument to 'function-name' corresponding to conversion specifier 'number'

This warning indicates that the code doesn't provide enough arguments to match a format string and one of the missing arguments is an integer.

Remarks

This defect is likely to cause incorrect output and, in more dangerous cases, can lead to stack overflow.

Code analysis name: MISSING_INTEGER_ARGUMENT_TO_FORMAT_FUNCTION

Example

The following code generates this warning because it uses an incorrect number of arguments in the call to sprintf_s and the missing argument is an integer. If the unsafe function sprintf was used instead of the safer variant sprintf_s, this code would likely cause a stack overflow instead of just an unexpected output:

void f()
{
    char buff[8];
    const char *string="Hello";
    sprintf_s(buff, sizeof(buff), "%s %d", string);  // Attempts to print "Hello "
    // followed by a number up to eleven characters long, depending on the garbage
    // found on the stack. Any number other than a single non-negative digit can't
    // fit in the 8 char buffer and leave room for the trailing null. If sprintf 
    // had been used instead, it would overflow.
}

To correct this warning, specify missing arguments or adjust the format string. In this example, we add the missing integer value.

void f()
{
    char buff[8];
    const char *string = "Hello";
    sprintf_s(buff, sizeof(buff), "%s %d", string, strlen(string));
}

See also

sprintf_s, _sprintf_s_l, swprintf_s, _swprintf_s_l
C4473