C - The %x format specifier

CStringSecurityFormat

C Problem Overview

I have a small question. I know that the %x format specifier can be used to read values from the stack in a format string attack.

I found the following code:

%08x%08x%08x%08x

What does the 08 mean? What is it doing exactly? Thanks :)

C Solutions

Solution 1 - C

Break-down:

  • 8 says that you want to show 8 digits
  • 0 that you want to prefix with 0's instead of just blank spaces
  • x that you want to print in lower-case hexadecimal.

Quick example (thanks to Grijesh Chauhan):

#include <stdio.h>
int main() {
    int data = 29;
    printf("%x\n", data);    // just print data
    printf("%0x\n", data);   // just print data ('0' on its own has no effect)
    printf("%8x\n", data);   // print in 8 width and pad with blank spaces
    printf("%08x\n", data);  // print in 8 width and pad with 0's

    return 0;
}

Output:

1d
1d
      1d
0000001d

Also see http://www.cplusplus.com/reference/cstdio/printf/ for reference.

Solution 2 - C

%08x means that every number should be printed at least 8 characters wide with filling all missing digits with zeros, e.g. for '1' output will be 00000001

Solution 3 - C

The format string attack on printf you mentioned isn't specific to the "%x" formatting - in any case where printf has more formatting parameters than passed variables, it will read values from the stack that do not belong to it. You will get the same issue with %d for example. %x is useful when you want to see those values as hex.

As explained in previous answers, %08x will produce a 8 digits hex number, padded by preceding zeros.

Using the formatting in your code example in printf, with no additional parameters:

printf ("%08x %08x %08x %08x");

Will fetch 4 parameters from the stack and display them as 8-digits padded hex numbers.

Solution 4 - C

That specifies the how many digits you want it to show.

> integer value or * that specifies minimum field width. The result is padded with space characters (by default), if required, on the left when right-justified, or on the right if left-justified. In the case when * is used, the width is specified by an additional argument of type int. If the value of the argument is negative, it results with the - flag specified and positive field width.

Solution 5 - C

From http://en.wikipedia.org/wiki/Printf_format_string

use 0 instead of spaces to pad a field when the width option is specified. For example, printf("%2d", 3) results in " 3", while printf("%02d", 3) results in "03".

Categories
Recommended C Solutions
Recommended String Solutions
Recommended Security Solutions
Recommended Format Solutions

Previous Solution:

How to view GitHub Contributors Graph for branches other than master?

GraphGithub

Next Solution:

The OutputPath property is not set for project

MsbuildJenkins

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionMatthewView Question on Stackoverflow
Solution 1 - CsonicwaveView Answer on Stackoverflow
Solution 2 - CVladimirView Answer on Stackoverflow
Solution 3 - CIamTheWalrusView Answer on Stackoverflow
Solution 4 - CTony The LionView Answer on Stackoverflow
Solution 5 - CDavid RanieriView Answer on Stackoverflow