More Document Number: N2834
Submitter: Aaron Peter Bachmann
Submission Date: 2021-10-07
%n format specifier
%n is the target of attacks
trying to compromise software, but provides little utility.
Thus, this paper proposes deprecating or obsoleting the %n
%nis not supported in
%nformat specifier by default. 
Arguments in favor of the proposal:
%nwe can always use the return value of one of the printf-style functions.
%nis not provided by several C-libraries, thus cannot be used in portable programs anyway.
%ngives a grace-period to those programs still using
The changes given here are relative to N2596 .
append the sentence in green.
The argument shall be a pointer to signed integer whose type is specified by the length modifiers, if any, for the conversion specification, or shall be int if no length modifiers are specified for the conversion specification. The number of characters written to the output stream so far by this call to fprintf is stored into the integer object pointed to by the argument. No argument is converted, but one is consumed. If the conversion specification includes any flags, a field width, or a precision, the behavior is undefined.
2020/12/12 Meneide, C2x Working Draft