1 // 2 // printf_count_output.cpp 3 // 4 // Copyright (c) Microsoft Corporation. All rights reserved. 5 // 6 // Defines the functions that control the enable state of %n. 7 // 8 #include <corecrt_internal_stdio.h> 9 10 11 12 static UINT_PTR enable_percent_n = 0; 13 14 15 16 // Enables or disables the %n format specifier for the printf family of functions. 17 // Note the use of the __security_cookie: if the static variable was set to a 18 // known value, an attacker could potentially modify that value and then provide 19 // a malicious %n specifier. The cookie is or'ed with 1 becuase a cookie with a 20 // value of zero is possible. 21 extern "C" int __cdecl _set_printf_count_output(int const value) 22 { 23 int const old = (enable_percent_n == (__security_cookie | 1)); 24 enable_percent_n = (value ? (__security_cookie | 1) : 0); 25 return old; 26 } 27 28 29 30 // Tests whether the %n format specifier for the printf family of functions is 31 // enabled. 32 extern "C" int __cdecl _get_printf_count_output() 33 { 34 return enable_percent_n == (__security_cookie | 1); 35 } 36