metrica
Мы используем куки, чтобы пользоваться сайтом было удобно.
Хорошо
to the top
close form

Заполните форму в два простых шага ниже:

Ваши контактные данные:

Шаг 1
Поздравляем! У вас есть промокод!

Тип желаемой лицензии:

Шаг 2
Team license
Enterprise license
** Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности
close form
Запросите информацию о ценах
Новая лицензия
Продление лицензии
--Выберите валюту--
USD
EUR
RUB
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Бесплатная лицензия PVS‑Studio для специалистов Microsoft MVP
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Для получения лицензии для вашего открытого
проекта заполните, пожалуйста, эту форму
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Мне интересно попробовать плагин на:
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
check circle
Ваше сообщение отправлено.

Мы ответим вам на


Если вы так и не получили ответ, пожалуйста, проверьте папку
Spam/Junk и нажмите на письме кнопку "Не спам".
Так Вы не пропустите ответы от нашей команды.

Вебинар: Трудности при интеграции SAST, как с ними справляться - 04.04

>
>
>
Примеры ошибок, обнаруженных с помощью …

Примеры ошибок, обнаруженных с помощью диагностики V576

V576. Incorrect format. Consider checking the Nth actual argument of the 'Foo' function.


Energy Checker SDK

V576 Incorrect format. Consider checking the second actual argument of the 'wprintf' function. The pointer to string of wchar_t type symbols is expected. producer producer.c 166


int main(void) {
  ....
  char *p = NULL;
  ....
  wprintf(
    _T("Using power link directory: %s\n"),
    p
  );
  ....
}

You should either use printf() or convert p.


Energy Checker SDK

V576 Incorrect format. A different number of actual arguments is expected while calling 'printf' function. Expected: 2. Present: 3. uuid_variant_sample uuid_variant_sample.c 259


int main(void) {
  ....
  printf(
    "Attach to [%s] Has Failed Possibly Because of"
    " a platform UUID variant.\n",
    pl_config_file_name,
    pld
  );
  ....
}

Should either add "%i" or remove the "pld" argument.


Intel AMT SDK

V576 Incorrect format. A different number of actual arguments is expected while calling 'printf' function. Expected: 1. Present: 2. Discovery discoverysample.cpp 168


bool ParseArgs(int argc, char **argv)
{
  ....
  printf("\nMust specify a file name when using '-report'.\n",
         argv[currArg++]);
  ....
}

Intel AMT SDK

V576 Incorrect format. A different number of actual arguments is expected while calling 'printf' function. Expected: 1. Present: 2. RemoteControlSample remotecontrolsample.cpp 792


bool GetUserValues(....)
{
  ....
  printf("Error: illegal value. Aborting.\n", tmp);
  return false;
}

Intel AMT SDK

V576 Incorrect format. A different number of actual arguments is expected while calling 'sprintf' function. Expected: 9. Present: 10. ConfigurationServer configurationutils.cpp 236


void StringFromPPS(....)
{
  ....
  sprintf((char *)textPPS,
    "%04X-%04X-%04X-04X-%04X-%04X-%04X-%04X\0",
    *(unsigned long *) (hexString),
    *(unsigned short *)(hexString+4),
    *(unsigned short *)(hexString+4+4),
    *(unsigned short *)(hexString+4+4+4),
    *(unsigned short *)(hexString+4+4+4+4),
    *(unsigned short *)(hexString+4+4+4+4+4),
    *(unsigned short *)(hexString+4+4+4+4+4+4),
    *(unsigned short *)(hexString+4+4+4+4+4+4+4)
    );
  ....
}

One of the arguments is 04X instead of %04X.


Intel AMT SDK

V576 Incorrect format. A different number of actual arguments is expected while calling 'fprintf' function. Expected: 2. Present: 3. USBFile usbfile.cpp 489


int WriteXmlFile(....)
{
  ....
  fprintf(fp, "</pps>\n", r.Pps);
  ....
}

Intel AMT SDK

V576 Incorrect format. A different number of actual arguments is expected while calling '_snprintf' function. Expected: 18. Present: 19. mod_pvs mod_pvs.cpp 308


void addAttribute(....)
{
  ....
  int index = _snprintf(temp, 1023,
    "%02x%02x:%02x%02x:%02x%02x:%02x%02x:"
    "%02x%02x:02x%02x:%02x%02x:%02x%02x",
    value[0],value[1],value[2],value[3],value[4],
    value[5],value[6],value[7],value[8],
    value[9],value[10],value[11],value[12],
    value[13],value[14],value[15]);
  ....
}

One of the arguments is 02X instead of %02X.


Far Manager

V576 Incorrect format. Consider checking the third actual argument of the 'fwprintf' function. The argument is expected to be not greater than 32-bit. far syslog.cpp 1943


struct PanelViewSettings
{
  unsigned __int64 ColumnType[PANEL_COLUMNCOUNT];
  ....
};

void PanelViewSettings_Dump(....)
{
  ....
  fwprintf(fp,L"%d, ",ViewSettings.ColumnType[I]);
  ....
}

It works due to sheer luck (the function has only one argument). But you'd better fix it.

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the third actual argument of the 'fwprintf' function. The argument is expected to be not greater than 32-bit. far syslog.cpp 1945
  • V576 Incorrect format. Consider checking the third actual argument of the 'fwprintf' function. The argument is expected to be not greater than 32-bit. far syslog.cpp 1956
  • V576 Incorrect format. Consider checking the third actual argument of the 'fwprintf' function. The argument is expected to be not greater than 32-bit. far syslog.cpp 1958

ReactOS

V576 Incorrect format. Consider checking the third actual argument of the 'fprintf' function. The char type argument is expected. regedit regproc.c 293


static void REGPROC_unescape_string(WCHAR* str)
{
  ....
  default:
    fprintf(stderr,
      "Warning! Unrecognized escape sequence: \\%c'\n",
      str[str_idx]);
  ....
}

%C should be used here.

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fourth actual argument of the 'fprintf' function. The char type argument is expected. regedit regedit.c 234
  • V576 Incorrect format. Consider checking the fourth actual argument of the 'fprintf' function. The char type argument is expected. regedit regedit.c 230

ReactOS

V576 Incorrect format. Consider checking the second actual argument of the 'wprintf' function. The argument is expected to be not greater than 32-bit. dwnl dwnl.c 229


static HRESULT STDMETHODCALLTYPE
CBindStatusCallback_OnProgress(....)
{
  ....
  if (This->szMimeType[0] != _T('\0'))
    _tprintf(_T("Length: %I64u [%s]\n"),
      This->Size, This->szMimeType);
  else
    _tprintf(_T("Length: %ull\n"), This->Size);
  ....
}

%I64u should be used as well in the second case: _tprintf(_T("Length: %I64u\n"), This->Size);


Doom 3

V576 Incorrect format. A different number of actual arguments is expected while calling 'sprintf' function. Expected: 7. Present: 8. Game syscvar.cpp 54


struct gameVersion_s {
  gameVersion_s( void )
  {
    sprintf(string, "%s.%d%s %s %s",
            ENGINE_VERSION, BUILD_NUMBER, BUILD_DEBUG,
            BUILD_STRING, __DATE__, __TIME__ );
  }
  char string[256];
} gameVersion;

Cairo

V576 Incorrect format. Consider checking the third actual argument of the 'fwprintf' function. The pointer to string of wchar_t type symbols is expected. cairo-win32-surface.c 130


cairo_status_t
_cairo_win32_print_gdi_error (const char *context)
{
  ....
  fwprintf (stderr, L"%s: %S", context, (wchar_t *)lpMsgBuf);
  ....
}

This is what should be written: fwprintf (stderr, L"%S: %s", context, (wchar_t *)lpMsgBuf);

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fourth actual argument of the 'fwprintf' function. The pointer to string of char type symbols is expected. cairo-win32-surface.c 130

PeerBlock

V576 Incorrect format. Consider checking the fourth actual argument of the 'swprintf_s' function. The pointer to string of wchar_t type symbols is expected. peerblock pb.cpp 153


#define PB_BLDSTR "PeerBlock " STRINGIFY(PB_VER_MAJOR) "." \
        STRINGIFY(PB_VER_MINOR) "+" " (r" \
        STRINGIFY(PB_VER_BUILDNUM) ") - DEV BUILD"

int WINAPI _tWinMain(....)
{
  ....
  TCHAR buf[64];
  swprintf_s(buf, sizeof(buf)/2, L"%S", PB_BLDSTR);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fourth actual argument of the 'swprintf_s' function. The pointer to string of wchar_t type symbols is expected. peerblock pb.cpp 232
  • V576 Incorrect format. Consider checking the fourth actual argument of the 'swprintf_s' function. The pointer to string of wchar_t type symbols is expected. peerblock updatelists.cpp 314
  • V576 Incorrect format. Consider checking the fourth actual argument of the 'swprintf_s' function. The pointer to string of wchar_t type symbols is expected. peerblock updatelists.cpp 318

DeSmuME

V576 Incorrect format. Consider checking the second actual argument of the 'printf' function. To print the value of pointer the '%p' should be used. DeSmuME_VS2005 debug.cpp 224


void DEBUG_reset()
{
  ....
  //force a reference to this function
  printf("DEBUG_reset: %08X\n",&DebugStatistics::print);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fifth actual argument of the 'sprintf' function. To print the value of pointer the '%p' should be used. DeSmuME_VS2005 lua-engine.cpp 2216

ffdshow

V576 Incorrect format. A different number of actual arguments is expected while calling 'swprintf' function. Expected: 4. Present: 5. tffdshowdecvideo.cpp 2271


void TffdshowDecVideo::getChapters(void)
{
  ....
  tsprintf(time_str, _l("%02i:%02i:%02"), hh, mm, ss);
  ....
}

CamStudio

V576 Incorrect format. A different number of actual arguments is expected while calling 'fprintf' function. Expected: 2. Present: 3. playplusview.cpp 7157


// Produces a 100% Valid XHTML Strict document to display
// the flash file, which works in all browsers (even IE 4)
void produceFlashHTML(CString htmlfilename,
  CString flashfilename, CString flashfilepath,
  int onlyflashtag, int width, int height,int bk_red,
  int bk_green, int bk_blue)
{
  ....
  fprintf(htmlfile, "<title>%s</title>\n",
    LPCTSTR(flashfilename));
  fprintf(htmlfile, "<style type=\"text/css\">\n");
  fprintf(htmlfile, "#movie\n{\n",
    LPCTSTR(flashfilename)); // <=
  fprintf(htmlfile, "\twidth: %dpx;\n", width);
  fprintf(htmlfile, "\theight: %dpx;\n", height);
  ....
}

I like the comment. How sure the author is! :)


ReactOS

V576 Incorrect format. Consider checking the second actual argument of the 'wprintf' function. The argument is expected to be not greater than 32-bit. dwnl.c 228


UINT64 Size;

static HRESULT STDMETHODCALLTYPE
CBindStatusCallback_OnProgress(....)
{
  ....
  _tprintf(_T("Length: %ull\n"), This->Size);
  ....
}

This is what should be written: _tprintf(_T("Length: %llu\n"), This->Size);


ReactOS

V576 Incorrect format. Consider checking the third actual argument of the 'swprintf' function. To print the value of pointer the '%p' should be used. dialogs.cpp 66


BOOL CALLBACK EnumPickIconResourceProc(HMODULE hModule,
    LPCWSTR lpszType,
    LPWSTR lpszName,
    LONG_PTR lParam
)
{
  ....
  swprintf(szName, L"%u", lpszName);
  ....
}

ReactOS

V576 Incorrect format. Consider checking the third actual argument of the 'fprintf' function. The char type argument is expected. msiexec.c 655


int WINAPI WinMain(....)
{
  LPWSTR *argvW = NULL;
  ....
  fprintf(stderr,
    "Unknown option \"%c\" in Repair mode\n", argvW[i][j]);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the third actual argument of the 'fprintf' function. The char type argument is expected. msiexec.c 705
  • V576 Incorrect format. Consider checking the third actual argument of the 'swprintf' function. The pointer to string of wchar_t type symbols is expected. sminit.c 1831
  • V576 Incorrect format. Consider checking the third actual argument of the 'swprintf' function. The pointer to string of char type symbols is expected. bootsup.c 600
  • And 4 additional diagnostic messages.

NetXMS

V576 Incorrect format. Consider checking the fourth actual argument of the 'fwprintf' function. The pointer to string of wchar_t type symbols is expected. seh.cpp 292


#define _ftprintf       fwprintf

static __inline char * __CRTDECL ctime(const time_t * _Time);

BOOL LIBNETXMS_EXPORTABLE SEHServiceExceptionHandler(....)
{
  ....
  _ftprintf(m_pExInfoFile,
            _T("%s CRASH DUMP\n%s\n"),
            szProcNameUppercase,
            ctime(&t));
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the second actual argument of the 'wprintf' function. The pointer to string of wchar_t type symbols is expected. nxpush.cpp 193
  • V576 Incorrect format. Consider checking the second actual argument of the 'wprintf' function. The pointer to string of wchar_t type symbols is expected. nxpush.cpp 235

Chromium

V576 Incorrect format. Consider checking the fourth actual argument of the 'fprintf' function. The pointer to string of wchar_t type symbols is expected. fs.cc 17


DWORD GetLastError(VOID);

void TryOpenFile(wchar_t *path, FILE *output) {
  wchar_t path_expanded[MAX_PATH] = {0};
  DWORD size = ::ExpandEnvironmentStrings(
    path, path_expanded, MAX_PATH - 1);
  if (!size) {
    fprintf(output,
            "[ERROR] Cannot expand \"%S\". Error %S.\r\n",
            path, ::GetLastError());
  }
  ....
}

TinyCAD

V576 Incorrect format. A different number of actual arguments is expected while calling 'Format' function. Expected: 2. Present: 3. option.cpp 266


CString COption::PointToDisplay(CDPoint a, BOOL horiz)
{
  ....
  if (horiz)
  {
    r.Format(_T("%9.03f"), sy,
             GetUnits() == 0 ? _T("mm") : _T("\""));
  }
  else
  {
    r.Format(_T("%9.03f"), sx,
             GetUnits() == 0 ? _T("mm") : _T("\""));
  }
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. A different number of actual arguments is expected while calling 'Format' function. Expected: 2. Present: 3. option.cpp 270

OpenCOLLADA

V576 Incorrect format. A different number of actual arguments is expected while calling 'fprintf' function. Expected: 6. Present: 5. mayadmtypes.h 657


struct vector
{
  double x;
  double y;
  double z;
  void write(FILE* file) const
  {
    fprintf(file,"%f %f %f %f", x, y, z);
  }
};

Apache Xerces Project

V576 Incorrect format. Consider checking the fourth actual argument of the 'fprintf' function. The argument is expected to be not greater than 32-bit. encodingtest.cpp 74


define XERCES_U64BIT_INT UINT64
typedef XERCES_U64BIT_INT XMLUInt64;
typedef XMLUInt64 XMLFileLoc;
XMLFileLoc SAXParseException::getLineNumber() const;

void ParseErrorHandler::error(const SAXParseException& e)
{
  ....
  fprintf(stderr,
    "\nError at file \"%s\", line %d, char %d:  %s\n",
    systemId, e.getLineNumber(),
    e.getColumnNumber(), message);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fifth actual argument of the 'fprintf' function. The argument is expected to be not greater than 32-bit. encodingtest.cpp 74
  • V576 Incorrect format. Consider checking the fourth actual argument of the 'fprintf' function. The argument is expected to be not greater than 32-bit. encodingtest.cpp 89
  • V576 Incorrect format. Consider checking the fifth actual argument of the 'fprintf' function. The argument is expected to be not greater than 32-bit. encodingtest.cpp 89
  • And 2 additional diagnostic messages.

VirtualDub

V576 Incorrect format. Consider checking the fourth actual argument of the 'printf' function. The argument is expected to be not greater than 32-bit. Asuka lookup.cpp 56


sint64 rva;

void tool_lookup(....) {
  ....
  printf("%08I64x   %s + %x [%s:%d]\n",
    addr, sym->name, addr-sym->rva, fn, line);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the third actual argument of the 'wsprintfA' function. The argument is expected to be not greater than 32-bit. VirtualDub dubstatus.cpp 360
  • V576 Incorrect format. Consider checking the fourth actual argument of the 'printf' function. The argument is expected to be not greater than 32-bit. Asuka lookup.cpp 58

GNU C Library

V576 Incorrect format. Consider checking the fourth actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. netname.c 51


typedef unsigned int __uid_t;
typedef __uid_t uid_t;

int
user2netname (...., const uid_t uid, ....)
{
  ....
  sprintf (netname, "%s.%d@%s", OPSYS, uid, dfltdom);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the second actual argument of the 'printf' function. The SIGNED integer type argument is expected. locarchive.c 1741
  • V576 Incorrect format. Consider checking the fourth actual argument of the 'printf' function. The SIGNED integer type argument is expected. locarchive.c 1741
  • V576 Incorrect format. Consider checking the fifth actual argument of the 'fprintf' function. The SIGNED integer type argument is expected. res_debug.c 236
  • And 13 additional diagnostic messages.

Rhino (JavaScript engine)

V576 Incorrect format. Consider checking the fourth actual argument of the 'sprintf_s' function. To print the value of pointer the '%p' should be used. memleakdetect.cpp 231


void*  address;

void CMemLeakDetect::dumpMemoryTrace()
{
  ....
  sprintf_s(buf, MLD_MAX_NAME_LENGTH, "Memory Leak <0x%X> "
            "bytes(%d) occurance(%d) %s(%d)\n",
            ainfo.address, ainfo.size, ainfo.occurance,
            ainfo.fileName, ainfo.lineNumber);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fourth actual argument of the 'sprintf_s' function. To print the value of pointer the '%p' should be used. memleakdetect.cpp 236
  • V576 Incorrect format. A different number of actual arguments is expected while calling 'sprintf_s' function. Expected: 4. Present: 5. memleakdetect.cpp 490

Rhino (JavaScript engine)

V576 Incorrect format. Consider checking the sixth actual argument of the 'sprintf_s' function. The SIGNED integer type argument is expected. memleakdetect.cpp 261


DWORD memoccurance;

void CMemLeakDetect::dumpMemoryTrace()
{
  ....
  _stprintf_s(buf, MLD_MAX_NAME_LENGTH,
    _T("Total %d Memory Leaks:")
    _T("%d bytes Total Alocations %d\n\n"),
   numLeaks, totalSize, memoccurance);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fifth actual argument of the 'sprintf_s' function. The SIGNED integer type argument is expected. memleakdetect.cpp 231
  • V576 Incorrect format. Consider checking the sixth actual argument of the 'sprintf_s' function. The SIGNED integer type argument is expected. memleakdetect.cpp 231
  • V576 Incorrect format. Consider checking the eighth actual argument of the 'sprintf_s' function. The SIGNED integer type argument is expected. memleakdetect.cpp 231
  • And 4 additional diagnostic messages.

Coin3D

V576 Incorrect format. Consider checking the fourth actual argument of the 'fprintf' function. The SIGNED integer type argument is expected. sbocttree.cpp 214


unsigned int SbOctTreeNode::totalNumberOfItems(void) const;

void
SbOctTreeNode::debugTree(FILE *fp, const int indent) const
{
  ....
  (void)fprintf(fp, "%s, %d items, ",
    this->isLeaf() ? "Leaf" : "Group",
    this->totalNumberOfItems());
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fifth actual argument of the 'printf' function. The SIGNED integer type argument is expected. string.cpp 105

Steamworks SDK

V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. p2pauth.cpp 111


typedef uint32 AccountID_t;
AccountID_t GetAccountID() const;

void CP2PAuthPlayer::OnBeginAuthResponse()
{
  ....
  sprintf( rgch,
           "P2P:: Received steam response for account=%d\n",
           m_steamID.GetAccountID() );
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. p2pauth.cpp 161
  • V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. p2pauth.cpp 170
  • V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. p2pauth.cpp 178
  • And 3 additional diagnostic messages.

CryEngine 3 SDK

V576 Incorrect format. Consider checking the fourth actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. igame.h 66


static void GetNameForFile(
  const char* baseFileName,
  const uint32 fileIdx,
  char outputName[512] )
{
  assert(baseFileName != NULL);
  sprintf( outputName, "%s_%d", baseFileName, fileIdx );
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. igameobject.h 437
  • V576 Incorrect format. Consider checking the sixth actual argument of the 'sprintf_s' function. The SIGNED integer type argument is expected. gamephysicssettings.cpp 239
  • V576 Incorrect format. Consider checking the sixth actual argument of the 'sprintf_s' function. The SIGNED integer type argument is expected. gamephysicssettings.cpp 252
  • And 5 additional diagnostic messages.

Synergy

V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. carchsystemwindows.cpp 90


DWORD dwMajorVersion;
DWORD dwMinorVersion;

std::string
CArchSystemWindows::getOSName() const
{
  ....
  char buffer[100];
  sprintf(buffer, "Microsoft Windows %d.%d",
          info.dwMajorVersion, info.dwMinorVersion);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fourth actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. carchsystemwindows.cpp 90
  • V576 Incorrect format. Consider checking the second actual argument of the 'printf' function. The SIGNED integer type argument is expected. usynergywin32.c 138

V8 JavaScript Engine

V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. putil.c 1905


static const char*
int_getDefaultCodepage()
{
  ....
  sprintf(codepage, "windows-%d", GetACP());
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the second actual argument of the 'printf' function. The SIGNED integer type argument is expected. test-api.cc 14575
  • V576 Incorrect format. Consider checking the third actual argument of the 'printf' function. The SIGNED integer type argument is expected. test-strings.cc 647
  • V576 Incorrect format. Consider checking the fifth actual argument of the 'printf' function. The SIGNED integer type argument is expected. test-strings.cc 647
  • And 4 additional diagnostic messages.

FlightGear

V576 Incorrect format. Consider checking the third actual argument of the 'printf' function. The SIGNED integer type argument is expected. ugear_telnet.cxx 230


unsigned int getPort() const ;

void
UGTelnet::handleAccept()
{
  ....
  printf("Telent server accepted connection from %s:%d\n",
         addr.getHost(), addr.getPort() );
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fourth actual argument of the '_snprintf' function. The SIGNED integer type argument is expected. gps.cxx 53
  • V576 Incorrect format. Consider checking the fifth actual argument of the '_snprintf' function. The SIGNED integer type argument is expected. gps.cxx 53
  • V576 Incorrect format. Consider checking the sixth actual argument of the '_snprintf' function. The SIGNED integer type argument is expected. gps.cxx 53
  • And 2 additional diagnostic messages.

Micro-Manager

V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. MP285Ctrl.cpp 253


int MP285Ctrl::Initialize()
{
  ....
  unsigned int nUm2UStepUnit = MP285::Instance()->GetUm2UStep();
  ....
  sprintf(sUm2UStepUnit, "%d", nUm2UStepUnit);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. MP285Ctrl.cpp 276
  • V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. MP285Ctrl.cpp 327

Scilab

V576 Incorrect format. A different number of actual arguments is expected while calling 'sprintf' function. Expected: 5. Present: 6. getcommentdatesession.c 68


#define FORMAT_SESSION "%s%s%s"

char *getCommentDateSession(BOOL longFormat)
{
  ....
  sprintf(line, FORMAT_SESSION, SESSION_PRAGMA_BEGIN,
          STRING_BEGIN_SESSION, time_str, SESSION_PRAGMA_END);
  ....
}

Scilab

V576 Incorrect format. Consider checking the fourth actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. getdynamicdebuginfo_windows.c 62


DWORD dwMemoryLoad;

char **getDynamicDebugInfo_Windows(int *sizeArray)
{
  ....
  str_info = (char*)MALLOC(sizeof(char)*BUFFER_LEN);
  if (str_info)
  {
    sprintf(str_info,
        "Memory in use: %*ld %%",
        WIDTH,
        statex.dwMemoryLoad);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fourth actual argument of the 'StringCchPrintfW' function. The SIGNED integer type argument is expected. wscilex.c 117
  • V576 Incorrect format. Consider checking the fifth actual argument of the '_snprintf' function. The integer argument of 32-bit size is expected. backtrace_print.cpp 100
  • V576 Incorrect format. Consider checking the fourth actual argument of the 'sprintf' function. The SIGNED integer type argument is expected. getdynamicdebuginfo_windows.c 72
  • And 29 additional diagnostic messages.

Word for Windows 1.1a

V576 Incorrect format. A different number of actual arguments is expected while calling 'printf' function. Expected: 3. Present: 1. dini.c 498


ReadAndDumpLargeSttb(cb,err)
  int     cb;
  int     err;
{
  ....
  printf("\n - %d strings were read, "
         "%d were expected (decimal numbers) -\n");
  ....
}

JavaScriptCore

V576 Incorrect format. Consider checking the second actual argument of the 'printf' function. The SIGNED integer type argument is expected. codeblock.cpp 280


void CodeBlock::printStructure(
  const char* name, const Instruction* vPC, int operand) const
{
  unsigned instructionOffset = vPC - m_instructions.begin();
  printf("  [%4d] %s: %s\n", instructionOffset, name,
    pointerToSourceString(vPC[operand].u.structure).
      UTF8String().c_str());
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the second actual argument of the 'printf' function. The SIGNED integer type argument is expected. codeblock.cpp 297
  • V576 Incorrect format. Consider checking the second actual argument of the 'printf' function. The SIGNED integer type argument is expected. codeblock.cpp 301
  • V576 Incorrect format. Consider checking the second actual argument of the 'printf' function. The SIGNED integer type argument is expected. codeblock.cpp 305
  • And 5 additional diagnostic messages.

TortoiseGit

V576 Incorrect format. A different number of actual arguments is expected while calling 'Format' function. Expected: 2. Present: 3. git.cpp 1231


int CGit::GetCommitDiffList(....)
{
  ....
  cmd.Format(
    _T("git.exe diff -r -R --raw -C -M --numstat -z %s --"),
    ignore, rev1);
  ....
}

WebRTC

V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The pointer to string of char type symbols is expected. trace_win.cc 112


int32_t TraceWindows::AddDateTimeInfo(char* trace_message) const
{
  ....
  TCHAR sz_date_str[20];
  TCHAR sz_time_str[20];
  ....
  sprintf(trace_message,
          "Local Date: %s Local Time: %s",
          sz_date_str,
          sz_time_str);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fourth actual argument of the 'sprintf' function. The pointer to string of char type symbols is expected. trace_win.cc 112

Cocos2d-x

V576 Incorrect format. Consider checking the fourth actual argument of the 'fprintf' function. The pointer to string of char type symbols is expected. ccconsole.cpp 341


#ifdef UNICODE
#define gai_strerror   gai_strerrorW            // <=
#else
#define gai_strerror   gai_strerrorA
#endif  /* UNICODE */

bool Console::listenOnTCP(int port)
{
  ....
  fprintf(stderr,"net_listen error for %s: %s", // <=
    serv, gai_strerror(n));                     // <=
  ....
}

Miranda NG

V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The argument is expected to be not greater than 32-bit. AdvaImg tagconversion.cpp 202


static const char*
ConvertAnyTag(FITAG *tag) {
  ....
  UINT64 *pvalue = (UINT64 *)FreeImage_GetTagValue(tag);
  sprintf(format, "%ld", pvalue[0]);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The argument is expected to be not greater than 32-bit. AdvaImg tagconversion.cpp 205
  • V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The argument is expected to be not greater than 32-bit. AdvaImg tagconversion.cpp 215
  • V576 Incorrect format. Consider checking the third actual argument of the 'sprintf' function. The argument is expected to be not greater than 32-bit. AdvaImg tagconversion.cpp 218
  • And 3 additional diagnostic messages.

Spring Engine

V576 Incorrect format. Consider checking the fifth actual argument of the 'sprintf' function. To print the value of pointer the '%p' should be used. engine-dedicated%engine-headless%engine-legacy seh.cpp 45


void __cdecl
se_translator_function(unsigned int err,
                       struct _EXCEPTION_POINTERS* ep)
{
  char buf[128];
  sprintf(buf,"%s(0x%08x) at 0x%08x",ExceptionName(err), // <=
    errep->ExceptionRecord->ExceptionAddress);           // <=
  CrashHandler::ExceptionHandler(ep);
  throw std::exception(buf);
}

Godot Engine

V576 Incorrect format. A different number of actual arguments is expected while calling 'printf' function. Expected: 1. Present: 2. editor_sample_import_plugin.cpp 705


void EditorSampleImportPlugin::_compress_ima_adpcm(....)
{
  ....
  if (xm_sample==32767 || xm_sample==-32768)
    printf("clippy!\n",xm_sample);
  ....
}

FreeCAD

V576 Incorrect format. A different number of actual arguments is expected while calling 'fprintf' function. Expected: 2. Present: 3. memdebug.cpp 222


int __cdecl MemDebug::sAllocHook(....)
{
  ....
  if ( pvData != NULL )
    fprintf( logFile, " at %p\n", pvData );
  else
    fprintf( logFile, "\n", pvData );         // <=
  ....
}

Apple II emulator

V576 Incorrect format. A different number of actual arguments is expected while calling 'wsprintfA' function. Expected: 3. Present: 5. debug.cpp 939


Update_t CmdBreakOpcode (int nArgs) // Breakpoint IFF Full-speed!
{
  ....
    wsprintf( sText, TEXT("%s full speed Break on Opcode: None")
      , sAction
      , g_iDebugBreakOnOpcode
      , g_aOpcodes65C02[ g_iDebugBreakOnOpcode ].sMnemonic
    );
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. A different number of actual arguments is expected while calling 'fprintf' function. Expected: 8. Present: 9. debug.cpp 7377
  • V576 Incorrect format. A different number of actual arguments is expected while calling 'sprintf' function. Expected: 3. Present: 4. debugger_help.cpp 1263
  • V576 Incorrect format. A different number of actual arguments is expected while calling 'sprintf' function. Expected: 3. Present: 4. debugger_help.cpp 1265
  • And 9 additional diagnostic messages.

Wine Is Not an Emulator

V576 Incorrect format. Consider checking the fourth actual argument of the 'printf' function. To print the value of pointer the '%p' should be used. msvcirt.c 828


DEFINE_THISCALL_WRAPPER(streambuf_dbp, 4)
void __thiscall streambuf_dbp(streambuf *this)
{
  ....
  printf(" base()=%p, ebuf()=%p,  blen()=%d\n",
         this->base, this->ebuf, streambuf_blen(this));
  printf("pbase()=%p, pptr()=%p, epptr()=%d\n",
         this->pbase, this->pptr, this->epptr);
  printf("eback()=%p, gptr()=%p, egptr()=%d\n",
         this->eback, this->gptr, this->egptr);
  ....
}

Cfront

V576 Incorrect format. A different number of actual arguments is expected while calling 'fprintf' function. Expected: 3. Present: 4. generic.c 8


extern
genericerror(int n, char* s)
{
  fprintf(stderr,"%s\n",
          s?s:"error in generic library function",n);
  abort(111);
  return 0;
};

Dolphin Smalltalk 7

V576 Incorrect format. Consider checking the fourth actual argument of the 'wsprintfA' function. To print the value of pointer the '%p' should be used. interfac.cpp 679


inline DWORD __stdcall
Interpreter::GenericCallbackMain(SMALLINTEGER id, BYTE* lpArgs)
{
  ....
  #ifdef _DEBUG
  {
    char buf[128];
    wsprintf(buf, "WARNING: .... (%d, %x)\n", id, lpArgs);
    WarningWithStackTrace(buf);
  }
  #endif
  ....
}

Open X-Ray Engine

V576 Incorrect format. A different number of actual arguments is expected while calling 'printf' function. Expected: 2. Present: 1. entry_point.cpp 41


void safe_verify(....)
{
  ....
  printf("FATAL ERROR (%s): failed to verify data\n");
  ....
}

ReOpenLDAP

V576 Incorrect format. Consider checking the fourth actual argument of the 'snprintf' function. The SIGNED argument of memsize type is expected. conn.c 309


struct Connection {
  ....
  unsigned long c_connid;
  ....
}

....
static int
conn_create(....)
{
  ....
  bv.bv_len = snprintf( buf, sizeof( buf ),
                        "cn=Connection %ld", // <=
                        c->c_connid );
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the third actual argument of the 'fprintf' function. The SIGNED integer type argument is expected. ure.c 1865
  • V576 Incorrect format. Consider checking the third actual argument of the 'fprintf' function. The SIGNED argument of memsize type is expected. tools.c 211
  • V576 Incorrect format. Consider checking the fourth actual argument of the 'fprintf' function. The UNSIGNED integer type argument is expected. mdb.c 1253

ICQ

V576 Incorrect format. Consider checking the second actual argument of the 'wprintf' function. The pointer to string of wchar_t type symbols is expected. coretest coretest.cpp 50


virtual void receive(const char* _message, ....) override
{
  wprintf(L"receive message = %s\r\n", _message);
  ....
}

Far2l

V576 Incorrect format. Consider checking the fourth actual argument of the 'swprintf' function. The char type argument is expected. FarEditor.cpp 827


void FarEditor::showOutliner(Outliner *outliner)
{
  ....
  wchar_t cls =
    Character::toLowerCase((*region)[region->indexOf(':') + 1]);

  si += swprintf(menuItem+si, 255-si, L"%c ", cls);
  ....
}

Similar errors can be found in some other places:

  • V576 Incorrect format. Consider checking the fourth actual argument of the 'swprintf' function. The pointer to string of char type symbols is expected. cmddata.cpp 257
  • V576 Incorrect format. Consider checking the third actual argument of the 'fprintf' function. The char type argument is expected. vtansi.cpp 1033
  • V576 Incorrect format. Consider checking the third actual argument of the 'fprintf' function. The char type argument is expected. vtansi.cpp 1038

EFL Core Libraries

V576 Incorrect format. Consider checking the third actual argument of the 'sscanf' function. It's dangerous to use '%s' specifier without width specification. Buffer overflow is possible. eina_hamster.c 68


EAPI int
eina_hamster_count(void)
{
  ....
  int hrs = 0, min = 0, sec = 0;
  char mon[8] = "";
  int monnum = 0, day = 0, year = 0;
  int fields;
  ....
  fields = sscanf(_eina_hamster_date, "%s %d %d",
                  mon, &day, &year);
  ....
}

Tizen

V576 Incorrect format. Consider checking the third actual argument of the 'fprintf' function. Under certain conditions the pointer can be null. image_util_decode_encode_testsuite.c 124


static int _write_file(const char *file_name, void *data,
                       unsigned long long data_size)
{
  FILE *fp = NULL;

  if (!file_name || !data || data_size <= 0) {
    fprintf(stderr, "\tinvalid data %s %p size:%lld\n",
            file_name, data, data_size);
    return FALSE;
  }
  ....
}

Tizen

V576 Incorrect format. A different number of actual arguments is expected while calling 'printf' function. Expected: 1. Present: 2. surveillance_test_suite.c 393


void subscribe_to_event()
{
  ....
  int error = ....;
  ....
  PRINT_E(
    "Failed to destroy engine configuration for event trigger.",
    error);
  ....
}

Macro PRINT_E expands into printf.

Similar errors can be found in some other places:

  • V576 Incorrect format. A different number of actual arguments is expected while calling 'printf' function. Expected: 1. Present: 2. surveillance_test_suite.c 410
  • V576 Incorrect format. A different number of actual arguments is expected while calling 'printf' function. Expected: 1. Present: 2. surveillance_test_suite.c 417

Enlightenment

V576 Incorrect format. Consider checking the third actual argument of the 'fprintf' function. A null pointer is used. e_mod_notifier_host_dbus.c 209


static void
props_get_all_cb(void *data, const Eldbus_Message *msg,
                 Eldbus_Pending *pending EINA_UNUSED)
{
  ....
  if (!item->menu_path)
    ERR("Notifier item %s dont have menu path.",
        item->menu_path);
  ....
}

0 A.D.

V576 CWE-628 Incorrect format. Consider checking the fifth actual argument of the 'swprintf_s' function. The char type argument is expected. trace.cpp 93


std::wstring TraceEntry::EncodeAsText() const
{
  const wchar_t action = (wchar_t)m_action;
  wchar_t buf[1000];
  swprintf_s(buf, ARRAY_SIZE(buf), L"%#010f: %c \"%ls\" %lu\n",
             m_timestamp, action, m_pathname.string().c_str(),
             (unsigned long)m_size);
  return buf;
}

Similar errors can be found in some other places:

  • V576 CWE-628 Incorrect format. Consider checking the fourth actual argument of the 'swprintf_s' function. The char type argument is expected. vfs_tree.cpp 211

FreeRDP

V576 Incorrect format. Consider checking the third actual argument of the 'sscanf' function. A pointer to the unsigned int type is expected. proxy.c 220


static BOOL check_no_proxy(....)
{
  ....
  int sub;
  int rc = sscanf(range, "%u", &sub);

  if ((rc == 1) && (rc >= 0))
  {
    ....
  }
  ....
}

FlipperZero

V576 [CWE-628, CERT-FIO47-C] Incorrect format. Consider checking the fifth actual argument of the 'sscanf' function. A pointer to the unsigned int type is expected. subghz_cli.c 105


void subghz_cli_command_tx(Cli* cli, string_t args, void* context) {
  uint32_t frequency = 433920000;
  uint32_t key = 0x0074BADE;
  size_t repeat = 10;

  if(string_size(args)) {
    int ret = sscanf(string_get_cstr(args),
                     "%lx %lu %u", &key, &frequency, &repeat);
  ....
}

FlipperZero

V576 [CWE-628, CERT-FIO47-C] Incorrect format. Consider checking the fourth actual argument of the 'sscanf' function. A pointer to the signed long type is expected. irda-app-file-parser.cpp 247


std::unique_ptr<IrdaAppFileParser::IrdaFileSignal>
    IrdaAppFileParser::parse_signal_raw(const std::string& string) const {
    uint32_t frequency;
    uint32_t duty_cycle;
    std::string_view str(string.c_str());
    auto irda_file_signal = std::make_unique<IrdaFileSignal>();

    int parsed = std::sscanf(
        str.data(), "%31s RAW F:%ld DC:%ld",
        irda_file_signal->name, &frequency, &duty_cycle);
  ....
}

Similar errors can be found in some other places:

  • V576 [CWE-628, CERT-FIO47-C] Incorrect format. Consider checking the fifth actual argument of the 'sscanf' function. A pointer to the signed long type is expected. irda-app-file-parser.cpp 247