C - The %x format specifier

c string security format
Matthew picture Matthew · Feb 27, 2013 · Viewed 219k times · Source

I have a small question. I know that the %x format specifier can be used to read values from the stack in a format string attack.

I found the following code:

%08x%08x%08x%08x

What does the 08 mean? What is it doing exactly? Thanks :)

Answer

sonicwave picture sonicwave · Feb 27, 2013

Break-down:

  • 8 says that you want to show 8 digits
  • 0 that you want to prefix with 0's instead of just blank spaces
  • x that you want to print in lower-case hexadecimal.

Quick example (thanks to Grijesh Chauhan):

#include <stdio.h>
int main() {
    int data = 29;
    printf("%x\n", data);    // just print data
    printf("%0x\n", data);   // just print data ('0' on its own has no effect)
    printf("%8x\n", data);   // print in 8 width and pad with blank spaces
    printf("%08x\n", data);  // print in 8 width and pad with 0's

    return 0;
}

Output: 

1d
1d
      1d
0000001d

Also see http://www.cplusplus.com/reference/cstdio/printf/ for reference.

Related questions

Are there any free implementations of strcpy_s and/or TR24731-1?

I have an old project that is mixed C and C++. It makes extensive use of C strings and of strcpy,strcat,strncpy,strncat etc. I've uncovered a number of buffer overflows, and I'd like to use more secure functions, …

Read More
How to write value into an address in format string attack

I'm taking a security course which needs us to do format string attack on an unix virtual machine. The vulnerability is a format string using command line argument. My question is how can I write value into an address in …

Read More
How do I concatenate const/literal strings in C?

I'm working in C, and I have to concatenate a few things. Right now I have this: message = strcat("TEXT ", var); message2 = strcat(strcat("TEXT ", foo), strcat(" TEXT ", bar)); Now if you have experience in C I'm sure you realize …

Read More