4

Possible Duplicate:
Warning: “format not a string literal and no format arguments”

I have the following line of code that is in my app that a Developer worked on. I am learning the basics of Objective C and as I was updating the App to be iPhone 5 compatible, I see the following warning (I did not change his code) Format String is not a literal string (potentially insecure). The code is as follows;

self.progressHud.labelText = [NSString stringWithFormat:message];

I don't know exactly what this means and don't want to upload anything that can either be a security issue or get rejected by Apple. Any and all help is appreciated from you all.

Community
  • 1
  • 1
Gregory Ortiz
  • 143
  • 2
  • 7
  • http://en.wikipedia.org/wiki/Uncontrolled_format_string, please search for "format string vulnerabilities" and you'll find lots of potential security holes with this type of thing. – Mat Oct 20 '12 at 07:32
  • possible duplicate of [Warning: "format not a string literal and no format arguments"](http://stackoverflow.com/questions/1677824/warning-format-not-a-string-literal-and-no-format-arguments) http://stackoverflow.com/questions/6337187/warning-format-not-a-string-literal-and-no-format-arguments – jscs Oct 20 '12 at 19:03
  • This is not a duplicate of the suggested question. The referenced question concerns the warning “format not a string literal and no format arguments” whereas this question refers to the warning "Format String is not a literal string (potentially insecure) warning". Careful inspection will show that the warnings are not at all the same so this question is not a duplicate. It is a possible duplicate of this question: http://stackoverflow.com/questions/9961363/why-is-my-string-potentially-unsecure-in-my-ios-application – ghr Feb 10 '13 at 22:39

1 Answers1

10

Use the following Lines:

self.progressHud.labelText = [NSString stringWithFormat:@"%@", message];

In objective C, this line get the values from any format such as int,float etc to display the Label. because UILabel and IBOutlet Elements only display the NSString values.

However, if you don't need to create a string with multiple variables, it would be more efficient to simply use:

self.progressHud.labelText = message;
Mick MacCallum
  • 129,200
  • 40
  • 280
  • 281