Sample Header Ad - 728x90

Are there security consequences from not giving printf a format to use?

16 votes
2 answers
3453 views
shell security printf
A well-formed printf usually has a format to use: 
$ var="Hello"
$ printf '%s\n' "$var"
Hello
However, what could be the security implications of not providing a format? 
$ printf "$var"
Hello
As the variable expansion is quoted, there should not be any issues, are there?
Asked by user232326
Apr 26, 2022, 10:25 PM
Last activity: Sep 9, 2024, 06:51 AM
Sidebar Ad - 300x250
Related Questions

Browse more questions from Unix & Linux Stack Exchange

More questions tagged "shell"
More questions tagged "security"
More questions tagged "printf"
Footer Ad - 728x90