Format Specification Fields: printf and wprintf Functions
This topic describes the syntax for format specifications fields, used in printf, wprintf and related functions. More secured versions of these functions are available, see printf_s, _printf_s_l, wprintf_s, _wprintf_s_l. For details on the individual functions, see the documentation for those specific functions. For a complete listing of these functions, see Stream I/O.
A format specification, which consists of optional and required fields, has the following form:
%[flags] [width] [.precision] [{h | l | ll | I | I32 | I64}]type
Each field of the format specification is a single character or a number signifying a particular format option. The simplest format specification contains only the percent sign and a type character (for example, %s). If a percent sign is followed by a character that has no meaning as a format field, the character is copied to stdout. For example, to print a percent-sign character, use %%.
The optional fields, which appear before the type character, control other aspects of the formatting, as follows:
type
Required character that determines whether the associated argument is interpreted as a character, a string, or a number (see the "printf Type Field Characters" table in printf Type Field Characters).flags
Optional character or characters that control justification of output and printing of signs, blanks, decimal points, and octal and hexadecimal prefixes (see the "Flag Characters" table in Flag Directives). More than one flag can appear in a format specification.width
Optional number that specifies the minimum number of characters output (see printf Width Specification).precision
Optional number that specifies the maximum number of characters printed for all or part of the output field, or the minimum number of digits printed for integer values (see the "How Precision Values Affect Type" table in Precision Specification).h| l| ll| I| I32| I64
Optional prefixes to type-that specify the size of argument (see the "Size Prefixes" table in Size and Distance Specification).
Security Note: |
---|
Ensure that format specification strings are not user-defined. For example, consider a program that prompts the user to enter his name and stores the input in a string variable called name. To print name, do not do this: |
printf( name ); // Danger! If name contains "%s", program will crash
참고
Instead, do this:
printf( "%s", name );
See Also
Concepts
printf, _printf_l, wprintf, _wprintf_l