stop passing unsanitized inputs to printf(3) challenge 2022
Conversation
this is probably something that crab lang gets better, but i haven't bothered to test it
2
26
answer: yes, 🦀 lang proves it is best lang yet again
1
3
39
This Tweet was deleted by the Tweet author. Learn more
Replying to
oh, good, the `dig` output represents escape characters as decimal, not octal. lovely.
welp, looks like crab-lang could stand to build in some input sanitization for `str`'s fmt::Display impl
3
2
println! isn't an actual function (due to !) but rather a syntax extension parsing the initial string token as a compile-time parameter to generate the code necessary to handle the rest. The additional parameters are simply passed along to the runtime formatting infrastructure.
It's possible to handle them differently by defining a new string type with a different implementation of the traits for displaying it. I don't think there's anything wrong with the current implementation. It'd likely be bad if it tried to guess how to sanitize for an output.
1
doc.rust-lang.org/reference/proc is documentation on the feature println! is using: procedural macros, also known as proc macros. It's also how custom derive and attribute implementations are made. It allows you to write Rust code run at compile-time to turn one token stream into another.