Printf
From Wikipedia, the free encyclopedia
- The correct title of this article is printf. The initial letter is shown capitalized due to technical restrictions.
Several programming languages implement a printf
function, to output a formatted string. It originated from the C programming language, where it has a prototype similar to the following:
int printf(const char *format, ...)
The string constant format
provides a description of the output, with placeholders marked by "%" escape characters, to specify both the relative location and the type of output that the function should produce.
For example in C
printf("Color %s, number1 %d, number2 %05d, hex %x, float %5.2f.\n", "red", 123456, 89, 255, 3.14);
will print following line (including new-line character, \n):
Color red, number1 123456, number2 00089, hex ff, float 3.14.
The printf function returns the number of characters printed, or a negative value if an output error occurred.
Perl also has a printf
function. Common Lisp has a format function which acts according to the same principles as printf
, but uses different characters for output conversion. Python has an analogue (as the %
operator). The GLib library contains g_print
, an implementation of printf
.
Some Unix systems have a printf
program for use in shell scripts. This can be used instead of echo in situations where the latter is not portable. For example:
echo -n -e "$FOO\t$BAR'
may be rewritten portably as:
printf '%s\t%s' "$FOO" "$BAR"
PHP also has the printf
function, with the same specifications and usage as that in C/C++. MATLAB does not have printf
, but does have its two extensions sprintf
and fprintf
which use the same formatting strings.
JavaScript does not have a printf
function, despite it being a curly bracket programming language.
Contents |
[edit] Derivative functions
The C Standard specifies a number of derivative functions to further leverage the printf functionality:
[edit] fprintf
int fprintf(FILE *stream, const char *format, ...)
fprintf
enables printf output to be written to any file. Programmers frequently use it to print errors, by writing to the standard error device, but it can operate with any file opened with the fopen
function.
[edit] sprintf
int sprintf (char *str, const char *format, ...)
sprintf
prints to a string (char array) instead of to standard output. Users of sprintf
must ensure, via calculation or via a guard page, that the resulting string will not be larger than the memory allocated for str. Failure to ensure this can allow a buffer overflow to occur.
It is notable that in PHP the sprintf
function does not have the str
argument. Instead, it returns the formatted output string. The prototype in PHP is like this:
string sprintf (const string format, ...)
[edit] Safer alternatives to sprintf
As an alternative, many environments offer the snprintf
function:
int snprintf(char *str, size_t size, const char *format, ...)
snprintf
is guaranteed not to write more than size bytes into str, so use of it can help avoid the risk of a buffer overflow, as in the following code snippet:
#define BUFFER_SIZE 50 char buf[BUFFER_SIZE]; int n; ... n = snprintf(buf, BUFFER_SIZE, "Your name is %s.\n", username); if (n < 0 || n >= BUFFER_SIZE) /* Handle error */
If username in the above example exceeds 50 characters in length, the function will limit the string that gets saved in buf by cutting off final characters (truncating). This may seem undesirable, but it is usually preferable to having a security vulnerability, to which buffer overflows can often lead. Additionally, the return code of snprintf
indicates how many characters the function would have written to the string had enough space existed. Systems can use this information to allocate a new (larger) buffer if they require the whole string.
snprintf
does not form part of the widely implemented ANSI C standard, as sprintf
does. However, it came into the language for the later C99 standard and often existed in C libraries before that.
Another safe sprintf
alternative is asprintf
:
int asprintf(char **ret, const char *format, ...)
asprintf
automatically allocates enough memory to hold the final string. It sets *ret
to a pointer to the resulting string, or to an undefined value if an error occurred (GLibc is notable in being the only implementation that doesn't always set *ret
to NULL on error). The programmer using asprintf
has the responsibility of freeing the allocated memory after use. Though not part of any standard, asprintf
comes in the C libraries of several operating systems (including OpenBSD, FreeBSD, and NetBSD) and on other platforms in the libiberty library.
[edit] vprintf, vfprintf, vsprintf, vsnprintf, and vasprintf
int vprintf(const char *format, va_list ap); int vfprintf(FILE *stream, const char *format, va_list ap); int vsprintf(char *str, const char *format, va_list ap); int vsnprintf(char *str, size_t size, const char *format, va_list ap); int vasprintf(char **ret, const char *format, va_list ap);
These are analogous to the above functions without the vs, except that they use variable argument lists. These functions offer the ability for programmers to essentially create their own printf variants. For instance, a programmer could write a function
void fatal_error(const char *format, ...)
which would use the va_start
macro to obtain a va_list
variable from the extra parameters, print a message on the standard error device using vfprintf
, clean up after the va_list
variable with the va_end
macro, and finally perform the necessary tasks to cleanly shut down the program.
Another common application of these functions is to write a custom printf that prints to a different target than a file. For instance, a graphical library might provide a printf-like function with X and Y coordinates:
int graphical_printf(int x, int y, const char *format, ...)
This would work by temporarily saving the string to a private buffer using vsnprintf
or vasprintf
.
[edit] printf format placeholders
Formatting takes place via placeholders within the format string. For example, if a program wanted to print out a person's age, it could present the output by prefixing it with "Your age is ". To denote that we want the integer for the age to be shown immediately after that message, we may use the format string:
"Your age is %d."
The syntax for a format placeholder is "%[flags][width][.precision][length]type".
Where type can be any of:
- 'd', 'i' : Print an
int
as a signed decimal number. '%d' and '%i' are synonymous for output, but are different when used withscanf()
for input. - 'u' : Print decimal
unsigned int
. - 'f', 'F' : Print a
double
in normal (fixed-point) notation. - 'e', 'E' : Print a real value in standard form ([-]d.ddd e[+/-]ddd).
- 'g', 'G' : Print a
double
in either normal or exponential notation, whichever is more appropriate for its magnitude. 'g' uses lower-case letters, 'G' uses upper-case letters. This type differs slightly from fixed-point notation in that insignificant zeroes to the right of the decimal point are not included. Also, the decimal point is not included on whole numbers. - 'x', 'X' : Print an
unsigned int
as a hexadecimal number. 'x' uses lower-case letters and 'X' uses upper-case. - 'o' : Print an
unsigned int
in octal. - 's' : Print a character string.
- 'c' : Print a
char
(character). - 'p' : Print a
void *
(pointer to void) in an implementation-defined format. - 'n' :
- '%' : Print a literal '%' character (this type doesn't accept any flags, width, precision or length).
Flags can be omitted or be any of:
- '+' : Causes printf to always denote the sign '+' or '-' of a number (the default is to omit the sign for positive numbers). Only applicable to numeric types.
- '-' : Causes printf to left-align the output of this placeholder (the default is to right-align the output).
- '#' : Alternate form. For 'g' and 'G', trailing zeros are not removed. For 'f', 'F', 'e', 'E', 'g', 'G', the output always contains a decimal point. For 'o', 'x', and 'X', a 0, 0x, and 0X, respectively, is prepended to non-zero numbers.
- ' ' :
- '0' : Causes printf use '0' (instead of spaces) to left fill a fixed length field. For example (assume i = 3) printf("%2d", i) results in " 3", while printf("%02d", i) results in "03"
Width can be omitted or be any of:
- a number : Causes printf to pad the output of this placeholder with spaces until it is at least number characters wide. If number has a leading '0', then padding is done with '0' characters.
- '*' : Causes printf to pad the output until it is n characters wide, where n is an integer value stored in the next argument. For example printf("%*d", 5, 10) will result in "10" being printed with a width of 5.
.Precision can be omitted or be any of:
- a number : For non-integral numeric types, causes the decimal portion of the output to be expressed in at least number digits. For the string type, causes the output to be truncated at number characters.
- '*' : Same as the above, but uses an integer value in the next argument to determine the number of decimal places or maximum string length. For example, printf("%.*s", 3, "abcdef") will result in "abc" being printed.
Length can be omitted or be any of:
- 'hh' : For integer types, causes printf to expect a char length argument
- 'h' : For integer types, causes printf to expect a short integer argument.
- 'l' : (ell) For integer types, causes printf to expect a long integer argument.
- 'll' : (ell ell) For integer types, causes printf to expect a long long integer argument.
- 'L' :
- 'z' :
If the syntax of a conversion specification is invalid, behavior remains undefined. If there are too few function arguments provided to supply values for all the conversion specifications in the template string, or if the arguments are not of the correct types, the results are also undefined. Excess arguments are ignored. In a number of cases the undefined behavior has lead to "Format string attack" security vulnerabilities. Note that some compilers, like the GNU Compiler Collection, will statically check the format strings of printf like functions and warn about problems.
[edit] Custom printf format placeholders
There are a few implementations of printf-like functions that allow extensions to the escape-character-based mini-language, thus allowing the programmer to have a specific formatting function for non-builtin types. One of the most well-known is glibc's register_printf_function(). However, it is rarely used due to the fact that it conflicts with static format string checking. Another is Vstr custom formatters, which allows adding multi-character format names, and can work with static format checkers.
Some applications (like the Apache HTTP Server) include their own printf-like function, and embed extensions into it. However these all tend to have the same problems that register_printf_function() has.
Most non-C languages that have a printf like function work around the lack of this feature by just using the "%s" format and converting the object to a string representation. C++ offers a notable exception, in that it has a printf function inherited from its C history but instead has a completely different mechanism that is preferred.
[edit] Programming languages with printf
- C programming language, and subsequently C++ and Obj-C (C++ also provides overloaded shift operators and manipulators as an alternative for formatted output - see iostream and iomanip)
- Bourne shell (sh) and derivatives such as Korn shell (ksh), Bourne again shell (bash), or Z shell (zsh)
- Java programming language (since version 1.5)
- Ruby programming language
- Python programming language (using the % operator)
- PHP programming language, web-based inflected form of C
- Perl
- GNU Octave
- Maple computer algebra system
- AMPL