|
It's a security feature because by ensuring a parameter is valid, it can prevent unchecked input, crashes and so forth.
https://en.wikipedia.org/wiki/Uncontrolled_format_string[^]
printf has a flexibility and control that cout doesn't provide. I've also found that ostream can be very slow. Not a big deal or console output, but can stack in other places.
|
|
|
|
|
printf (or its secure variants these days) has an economical expressiveness that cout can't provide.
It's interesting that the string.Format(...) model in .NET is more printf -like than anyone would like to admit. Granted, it 'cheats' and uses the CLR type mechanism to guarantee reasonable behavior, but I still like it better than the cout model.
Software Zen: delete this;
|
|
|
|
|
printf has a flexibility and control that cout doesn't provide.
Say what? What kind of flexibility does printf offer that cout lacks? (The entire purpose for cout's existence is to be more flexible than printf)
Truth,
James
|
|
|
|
|
James Curran wrote: What kind of flexibility does printf offer that cout lacks?
for one example, I find:
printf("%0.3f %.2f", x, p);
More clear and concise than:
cout << std::fixed << std::setprecision(3) << x << " " << std::defaultfloat << std::setprecision(3) << p;
Also, something like a logging function where the formatting happens after a series of checks, is easier to write using the printf family.
Finally, using snprintf family can be extremely useful, especially in combination with the logging issue.
PS. In several cases, I do prefer the ostream family. It all depends on what I'm trying to accomplish with the code. (There is a huge chunk of diagnostic code in the project I'm current working on which uses lots of CString::Format (snprintf_s internally), which would be a whole lot more readable using ostringstream, but I'd likely be shot if I changed it.)
EDIT: Visual Studio 2010 and especially 2013 have really optimized ostream functionality. I wrote a quick test using some code from the aforementioned project. Using ostringstream was 17% faster than CString::AppendFormat with VS 2010 and 30% faster with VS 2013. I wouldn't be surprised if VS 2015 offers more improvement.
|
|
|
|
|
aha... But you didn't say "concise" you said "flexible".
I totally agree, printf is way more concise that cout, but for flexibility :
Point p(2,3);
cout << p << endl;
beats
printf("(%d, %d)\n", p.x, p.y);
Truth,
James
|
|
|
|
|
tomatopipps wrote: The whole "uncontrolled format string" problem it's supposed to solve could be avoided by basic knowledge of what printf actually does. Nope. Its needed because, despite knowing what printf actually does, people still get it wrong.
In my experience, a large percentage of C program crashes were precisely because of a mismatch in printf format strings and arguments, often in non-happy-case code paths that clearly were never tested.
We can program with only 1's, but if all you've got are zeros, you've got nothing.
|
|
|
|
|
"I don't even know why I'm not just using cout"
Because the printf family of functions are drastically easier to use than cout?
|
|
|
|
|
I was modifying a console app (in C) that did amplification of WAV files, and it seemed that I had to change every one of those
printf function calls to get it to compile in Visual Studio.
I really need to completely redo that app in C# WinForms.
|
|
|
|
|
|
Saw that already.
My reaction was that I would never pour liquid on a molten metal, even lead, without any protection.
I'd rather be phishing!
|
|
|
|
|
There exists a metal that is liquid at room-temperature
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
yeah, but it is not heated...
Lead melting point is 327.5c (or 621.5F), I would never drop a liquid on it.
(DONT DO THAT) Heat oil at that temperature and drop water on it and report your experience.
I'd rather be phishing!
|
|
|
|
|
Remember children - don't try this at home!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
I hope he had good ventilation. The lead fumes alone will probably kill him in a few years now.
Marc
|
|
|
|
|
Pretty interesting things[^] Hubble has shown us!
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
Don't believe me[^]?
(Not related to spyware )
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
What is in the following sequence that is not visible?
122333444455555666666777777788888888999999999
|
|
|
|
|
The zero zeros.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
|
Well - I toyed with saying "13 monkeys", or "12 good men and true" first...
Honestly, asking a bunch of geeks about zero based lists...
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
I once toyed with thirteen monkeys too!
I was going to say "10 Lords a leaping"
PooperPig - Coming Soon
|
|
|
|
|
Yeah, I guess I'll have to try it on my friends (none of whom knows a zero from a hero). They are more Roman than geek, when it comes to numbers and numbering systems.
|
|
|
|
|
Aye aye axe!
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
Actually it is present (zero zeros, one ones...), but the quantum theory of zeros* don't allow our eyes to feel it.
*I made that up.
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
What's missing is ... (three dots) at the end.
Three dots would signify ten tens, eleven elevens, twelve twelves, etc. following the nine nines
|
|
|
|