scanf

From Wikipedia, the free encyclopedia
Control parameter used in programming languages

scanf, short for scan formatted, is a C standard library function that reads and parses text from standard input.

The function accepts a format string parameter that specifies the layout of input text. The function parses input text and loads values into variables based on data type.

Similar functions, with other names, predate C, such as readf in ALGOL 68.

Input format strings are complementary to output format strings (see printf), which provide formatted output (templating).

History

Mike Lesk's portable input/output library, including scanf, officially became part of Unix in Version 7.[1]

For reading input, C++ typically uses std::cin, while Java uses a class java.util.Scanner. A modernization of ::printf() was introduced to C++, based on libfmt,[2] which added std::format() (in C++20) and std::print() and std::println() (in C++23). However, no analogous ::scanf() modernization has been introduced, though one has been proposed based on scnlib.[3]

Usage

The scanf function reads input for numbers and other datatypes from standard input.

The following C code reads a variable number of unformatted decimal integers from standard input and prints each of them out on separate lines:

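    #include <stdio.h>

    int main(void) {
        int n;

        /* scanf returns the number of items assigned, or EOF at end of
           input, so continue only while exactly one integer was read. */
        while (scanf("%d", &n) == 1) {
            printf("%d\n", n);
        }
        return 0;
    }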

For input:

    456 123 789 456 12456 1      2378

The output is:

    456
    123
    789
    456
    12456
    1
    2378

To print out a word:

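    #include <stdio.h>

    int main(void) {
        char word[20];

        /* The width 19 leaves room for the terminating null character;
           print only if one word was actually read. */
        if (scanf("%19s", word) == 1) {
            puts(word);
        }
        return 0;
    }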

No matter what data type the programmer wants the program to read, the arguments (such as &n above) must be pointers pointing to memory. Otherwise, the function will not perform correctly because it will be attempting to overwrite the wrong sections of memory, rather than pointing to the memory location of the variable you are attempting to get input for.

In the last example an address-of operator (&) is not used for the argument: word is the name of an array of char, and as such it is (in all contexts in which it evaluates to an address) equivalent to a pointer to the first element of the array. While the expression &word would numerically evaluate to the same value, semantically it has an entirely different meaning in that it stands for the address of the whole array rather than an element of it. This fact needs to be kept in mind when assigning scanf output to strings.

As scanf is designated to read only from standard input, many programming languages with interfaces, such as PHP, have derivatives such as sscanf and fscanf but not scanf itself.

Format string specifications

The formatting placeholders in scanf are more or less the same as those in printf, its reverse function. As in printf, the POSIX extension n$ is defined.[4]

There are rarely constants (i.e., characters that are not formatting placeholders) in a format string, mainly because a program is usually not designed to read known data, although scanf does accept these if explicitly specified. The exception is one or more whitespace characters, which discard all whitespace characters in the input.[4]

Some of the most commonly used placeholders follow:

  • %a : Scan a floating-point number in its hexadecimal notation.
  • %d : Scan an integer as a signed decimal number.
  • %i : Scan an integer as a signed number. Similar to %d, but interprets the number as hexadecimal when preceded by 0x and octal when preceded by 0. For example, the string 031 would be read as 31 using %d, and 25 using %i. The flag h in %hi indicates conversion to a short and hh conversion to a char.
  • %u : Scan for decimal unsigned int. (Note that in the C99 standard the input value minus sign is optional, so if a minus sign is read, no errors will arise and the result will be the two's complement of a negative number, likely a very large value. See strtoul().) Correspondingly, %hu scans for an unsigned short and %hhu for an unsigned char.
  • %f : Scan a floating-point number in normal (fixed-point) notation.
  • %g, %G : Scan a floating-point number in either normal or exponential notation. %g uses lower-case letters and %G uses upper-case.
  • %x, %X : Scan an integer as an unsigned hexadecimal number.
  • %o : Scan an integer as an octal number.
  • %s : Scan a character string. The scan terminates at whitespace. A null character is stored at the end of the string, which means that the buffer supplied must be at least one character longer than the specified input length.
  • %c : Scan a character (char). No null character is added.
  • whitespace: Any whitespace characters trigger a scan for zero or more whitespace characters. The number and type of whitespace characters do not need to match in either direction.
  • %lf : Scan as a double floating-point number. "Float" format with the "long" specifier.
  • %Lf : Scan as a long double floating-point number. "Float" format with the "long long" specifier.
  • %n : Nothing is expected. The number of characters consumed thus far from the input is stored through the next pointer, which must be a pointer to int. This is not a conversion and does not increase the count returned by the function.

The above can be used in compound with numeric modifiers and the l, L modifiers, which stand for "long" and "long long", in between the percent symbol and the letter. There can also be numeric values between the percent symbol and the letters, preceding the long modifiers if any, that specify the number of characters to be scanned. An optional asterisk (*) right after the percent symbol denotes that the datum read by this format specifier is not to be stored in a variable. No argument behind the format string should be included for this dropped variable.

The ff modifier in printf is not present in scanf, causing differences between modes of input and output. The ll and hh modifiers are not present in the C90 standard, but are present in the C99 standard.[5]

An example of a format string is

"%7d%s %c%lf"

The above format string scans the first seven characters as a decimal integer, then reads the remaining as a string until a space, newline, or tab is found, then consumes whitespace until the first non-whitespace character is found, then consumes that character, and finally scans the remaining characters as a double. Therefore, a robust program must check whether the scanf call succeeded and take appropriate action. If the input was not in the correct format, the erroneous data will still be on the input stream and must be discarded before new input can be read. An alternative method, which avoids this, is to use fgets and then examine the string read in. The last step can be done by sscanf, for example.
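The fgets-then-sscanf approach described above, as an added example that is not part of the original article. The record layout "<id> <name> <value>", the names parse_record and read_record, and the buffer sizes are assumptions for illustration; the two %n directives detect a name cut off by the width limit and trailing data after the last field.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 15                 /* assumed limit for the name field */

struct record {
    int    id;
    char   name[NAME_LEN + 1];      /* +1 for the terminating null */
    double value;
};

/* Parse one line of the assumed form "<id> <name> <value>".
 * Returns 0 on success, -1 on malformed or over-long input. */
int parse_record(const char *line, struct record *out)
{
    struct record tmp;
    int name_end = 0, end = 0;

    /* %15s bounds the write into tmp.name (NAME_LEN); each %n stores the
     * offset reached so far and does not count towards the return value. */
    int n = sscanf(line, "%d %15s%n %lf %n",
                   &tmp.id, tmp.name, &name_end, &tmp.value, &end);
    if (n != 3)
        return -1;                  /* a conversion failed or input ended */
    if (!isspace((unsigned char)line[name_end]))
        return -1;                  /* name was cut off at 15 characters */
    if (line[end] != '\0')
        return -1;                  /* trailing data after the last field */
    *out = tmp;
    return 0;
}

/* Read one line with fgets, then parse it. Returns 1 for a good record,
 * 0 for a rejected line, EOF at end of input. */
int read_record(FILE *in, struct record *out)
{
    char line[128];

    if (fgets(line, sizeof line, in) == NULL)
        return EOF;
    if (strchr(line, '\n') == NULL && !feof(in)) {
        int c;                      /* line longer than the buffer: */
        while ((c = getc(in)) != '\n' && c != EOF)
            ;                       /* discard the rest of it */
        return 0;
    }
    return parse_record(line, out) == 0 ? 1 : 0;
}
```

Because the whole line is consumed by fgets before parsing, a rejected line never leaves unread data on the stream for the next call.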

In the case of the many float type characters a, e, f, g, many implementations choose to collapse most into the same parser. Microsoft MSVCRT does it with e, f, g,[6] while glibc does so with all four.[4]

ISO C99 includes the inttypes.h header file that includes a number of macros for use in platform-independent scanf coding. These must be outside double-quotes, e.g. scanf("%" SCNd64 "\n", &t);

Example macros include:

| Macro | Description |
|---|---|
| SCNd32 | Typically equivalent to I32d (Win32/Win64) or d |
| SCNd64 | Typically equivalent to I64d (Win32/Win64), lld (32-bit platforms) or ld (64-bit platforms) |
| SCNi32 | Typically equivalent to I32i (Win32/Win64) or i |
| SCNi64 | Typically equivalent to I64i (Win32/Win64), lli (32-bit platforms) or li (64-bit platforms) |
| SCNu32 | Typically equivalent to I32u (Win32/Win64) or u |
| SCNu64 | Typically equivalent to I64u (Win32/Win64), llu (32-bit platforms) or lu (64-bit platforms) |
| SCNx32 | Typically equivalent to I32x (Win32/Win64) or x |
| SCNx64 | Typically equivalent to I64x (Win32/Win64), llx (32-bit platforms) or lx (64-bit platforms) |

Vulnerabilities

scanf is vulnerable to format string attacks. Great care should be taken to ensure that the formatting string includes limitations for string and array sizes. In most cases the input string size from a user is arbitrary and cannot be determined before the scanf function is executed. This means that %s placeholders without length specifiers are inherently insecure and exploitable for buffer overflows. Another potential problem is to allow dynamic formatting strings, for example formatting strings stored in configuration files or other user-controlled files. In this case the allowed input length of string sizes cannot be specified unless the formatting string is checked beforehand and limitations are enforced. Related to this are additional or mismatched formatting placeholders which do not match the actual vararg list. These placeholders might be partially extracted from the stack or contain undesirable or even insecure pointers, depending on the particular implementation of varargs.
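One way to check a dynamic format string beforehand, as the paragraph above recommends (an added example, not code from the original article). The function vet_scan_format, its rejection policy and the signature notation are assumptions; it also assumes every string buffer the caller passes holds at least max_width + 1 bytes.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Vet an untrusted scanf-style format before it reaches scanf. Rejects
 * %s and %[ without a width, widths of 0 or above max_width, %n, the
 * POSIX n$ form and unknown conversions. On success sig holds the argument
 * signature (e.g. "d s lf") to compare with the pointers the caller passes. */
int vet_scan_format(const char *fmt, size_t max_width, char *sig, size_t siglen)
{
    size_t used = 0;
    if (siglen == 0)
        return -1;
    sig[0] = '\0';
    for (const char *p = fmt; *p != '\0'; p++) {
        if (*p != '%' || *++p == '%')
            continue;                       /* literal text or "%%" */
        int store = (*p != '*');            /* '*' suppresses assignment */
        p += !store;
        int has_width = isdigit((unsigned char)*p) != 0;
        size_t width = 0;
        for (; isdigit((unsigned char)*p); p++) {
            if (width > max_width)
                return -1;                  /* also stops width overflowing */
            width = width * 10 + (size_t)(*p - '0');
        }
        if (*p == '$' || (has_width && (width == 0 || width > max_width)))
            return -1;
        const char *mod = p;                /* length modifiers h l L j z t */
        p += strspn(p, "hlLjzt");
        char conv = *p;
        if (conv == '\0' || strchr("diouxXaAeEfFgGpsc[", conv) == NULL)
            return -1;                      /* this also rejects %n */
        if (store && !has_width && (conv == 's' || conv == '['))
            return -1;                      /* unbounded write into a buffer */
        int n = store ? snprintf(sig + used, siglen - used, "%s%.*s%c",
                                 used ? " " : "", (int)(p - mod), mod, conv) : 0;
        if (n < 0 || (size_t)n >= siglen - used)
            return -1;
        used += (size_t)n;
        if (conv == '[') {                  /* skip the scanset to its ']' */
            p += (p[1] == '^') ? 2 : 1;
            p = strchr(p + (*p == ']'), ']');   /* a leading ']' is a member */
            if (p == NULL)
                return -1;
        }
    }
    return 0;
}
```

A caller would accept the format only if the function returns 0 and the signature equals the one its argument list was written for, for example "d s" for an int pointer followed by a char buffer.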

References

  1. McIlroy, M. D. (1987). A Research Unix reader: annotated excerpts from the Programmer's Manual, 1971–1986 (PDF) (Technical report). CSTR. Bell Labs. 139.
  2. "C++ Format Proposal History".
  3. "Text Parsing". www.open-std.org. 15 October 2024.
  4. scanf(3) – Linux Programmer's Manual – Library Functions from Manned.org
  5. C99 standard, §7.19.6.2 "The fscanf function" alinea 11.
  6. "scanf Type Field Characters". docs.microsoft.com. 26 October 2022.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Scanf&oldid=1322848069"