应用程序将数据收集到一个简单的格式化字符串中。
This application collects the data into a simply formatted string.
常见的格式化字符串攻击来自于一个思想:攻击者可以控制显示数据所使用的格式。
The often-serious format string attack is based on the idea that an attacker can control the format used to display data.
上面代码中的格式化字符串 %1$tB告诉程序使用第一个参数并打印date对象的完整月名。
The %1$tB formatting string in the code above tells the program to use the first argument and print out the full month name for the date object.
将任何挂起的制表符间距和一个包含对象数组的文本表示形式的格式化字符串写入到输出流,并在后面跟上一个行结束符字符串。
Writes any pending tab spacing and a formatted string that contains the text representation of an object array, followed by a line terminator string, to the output stream.
将任何挂起的制表符间距和一个包含两个对象的文本表示形式的格式化字符串写入到输出流,并在后面跟上一个行结束符字符串。
Writes any pending TAB spacing and a formatted string that contains the text representation of two objects, followed by a line terminator string, to the output stream.
printf 的格式化字符串也可以输出数据(使用 %n指令),并且可以暴露任意的数据,这就使得这个问题成为一个非常严重的漏洞。
printf format strings can also write data (using the %n directive) and reveal arbitrary data, making this a critical vulnerability. Following is an example of this mistake
要格式化字符串的宽度,请在A后面放入一个整数。
To format the width of a character string, follow the a with an integer.
可以使用下面示例中所示的格式字符串格式化数值。
Numeric values can be formatted with a format string as shown in the example.
如果正在处理已格式化的字符串,则需要特别注意空格问题。
If you are dealing with the formatted string, you need to pay special attention to the blank space issue.
无论传递的是整数还是预格式化的字符串,都没有关系,最终传送的SOAP消息都是一样的。
It doesn't matter whether we pass in an integer or a pre-formatted string, the SOAP messages that flow as a result are identical.
AddressDisplay对象有两部分:地址类型和一个格式化的地址字符串。
The AddressDisplay object has two parts: the type of address and a formatted address string.
gcc编译器选项-Wformat-security 可以警告您代码中可能受到格式化字符串攻击的地方。
The gcc compiler option -Wformat-security will warn you of some cases where the code may be vulnerable to format string attacks.
除了格式化字符串参数,所有其他的参数都必须用一个元组(tuple)或是一个字典(dictionary)进行挤压。
Exempting the format string argument, all other arguments must be squeezed in with either a tuple or a dictionary.
ConsoleAPI内其他有用的特性还有堆栈跟踪、对象检查和字符串格式化。
Other useful features in the Console API are stack traces, object inspection, and string formatting.
您可能以前没有看到过这种打印方式,格式化print语句将把一个格式字符串应用到后续数据中以创建特定格式的输出。
In case you haven't seen this before, a formatted print statement applies a format string to subsequent data to create specially formatted output.
很多Python程序员都感觉用来格式化字符串的这个内置的%操作符太有限了,这是因为。
Many Python programmers felt that the built-in % operator for formatting strings was too constrained, because.
D {string}- string字符串是strftime函数的格式化参数。
D {string} - string is formatted using the strftime function.
这通过属性名返回一个格式化的字符串来实现。
This is achieved by iterating though the properties names and returning them as a formatted String. Add the following method to your mediation handler class.
最里面的print语句使用了一个名为字符串格式化的新概念来创建格式设置精美的表。
The innermost print statement utilizes a new concept, called string formatting to create a nicely formatted table.
sql字符串的格式化(select2 . jy)。
这些键看上去象格式化好的十六进制随机字符串(例如C0B9FE13- 179f - 413d -8a5b - 5004db8e5bb2)。
These keys look like a formatted random hexadecimal string (for example, C0B9FE13-179F-413D-8A5B-5004DB8E5BB2).
如果字符串匹配,则执行适当的计算,并返回格式化的字符串,以供显示。
The string is matched, the appropriate calculation is performed, and a formatted string is returned to be displayed.
Render —返回HTML字符串的函数,这些字符串根据我们显示每个服务器条目的规则进行格式化。
Render — Function that returns an HTML string, formatted according to some rules we devise on how we prefer each server entry to be displayed.
基于Jython内置字典的字符串格式化与c中printf的一样强大,我们可以使用%运算符来关联字典。
With Jython's built in dictionary based String formatting which is as powerful as printf in c, we can associate a dictionary using the % operator.
发送一个格式化字符串和参数(还可能有Locale)、并使用在格式化字符串中指定的格式转换参数。
Send a format string and arguments (with a possible Locale) and use what is specified in the format string to convert the arguments.
然后创建并输出复合的string,这个字符串是用string格式化技术创建的。
Then it creates and outputs a compound string, created using the string formatting technique.
字符串格式化是一种非常有用的技术,用于以格式设置精美的布局创建由不同数据类型组成的string。
String formatting is a powerful technique for creating a string composed of different data types in a nicely formatted layout.
也就是说,在Vimscript中,printf并不会输出其数据参数列表的格式化后的版本;它会返回一个字符串,其中包含了数据参数列表的格式化后的版本。
That is, in Vimscript, printf doesn't print a formatted version of its list of data arguments; it returns a string containing a formatted version of its list of data arguments.
要格式化一个Joda对象,调用它的toString方法,并且如果您愿意的话,传递一个标准的ISO- 8601或一个JD K兼容的控制字符串,以告诉JD K如何执行格式化。
To format a Joda object, call its toString method and, if you wish, pass either a standard ISO-8601 or a JDK-compatible control string to tell Joda how to format it.
在c语言中,一个常见的错误是将攻击者的数据传递到格式化字符串参数中(例如printf(3)的第一个参数)。
In c, a common mistake is to pass attacker data into format string parameters (such as the first parameter of printf (3)).
应用推荐