which is almost as convenient, has the same “security advantage” of systemf (handling spaces and special characters in user_input) and the further advantage of “a whole lot less code”, not to mention less code written by Cisco.
I agree with @geocar that the formatting bits are somewhat concerning. Especially since they use nonstandard format specifiers and so can’t take advantage of compiler warnings like -Wformat.
This C library provides prepared statements for the system() function. It’s under the Apache license.
Maybe you can see the appeal of adopting something like this:
but I’m wary of what looks like a lot of parsing and other junk. Most of the time I’ll just do this:
which is almost as convenient, has the same “security advantage” of systemf (handling spaces and special characters in user_input) and the further advantage of “a whole lot less code”, not to mention less code written by Cisco.
I agree with @geocar that the formatting bits are somewhat concerning. Especially since they use nonstandard format specifiers and so can’t take advantage of compiler warnings like
-Wformat.