Variadic function

From Wikipedia, the free encyclopedia
Jump to: navigation, search
"Varargs" redirects here. For the varargs.h library in C, see varargs.h.

In computer programming, a variadic function is a function of indefinite arity, i.e., one which accepts a variable number of arguments. Support for variadic functions differs widely among programming languages.

There are many mathematical and logical operations that come across naturally as variadic functions. For instance, the summing of numbers or the concatenation of strings or other sequences are operations that can logically apply to any number of operands.

Another operation that has been implemented as a variadic function in many languages is output formatting. The C function printf and the Common Lisp function format are two such examples. Both take one argument that specifies the formatting of the output, and any number of arguments that provide the values to be formatted.

Variadic functions can expose type-safety problems in some languages. For instance, C's printf, if used incautiously, can give rise to a class of security holes known as format string attacks. The attack is possible because the language support for variadic functions is not type-safe: it permits the function to attempt to pop more arguments off the stack than were placed there, corrupting the stack and leading to unexpected behavior. As a consequence of this, the CERT Coordination Center considers variadic functions in C to be a high-severity security risk.[1]

Variadic functionality can be considered complementary to the apply function, which takes a function and a list/sequence/array as arguments, and calls the function (once) with the arguments supplied in that list, thus passing a variable number of arguments to the function.

Example in C[edit]

To portably implement variadic functions in the C programming language, the standard stdarg.h header file is used. The older varargs.h header has been deprecated in favor of stdarg.h. In C++, the header file cstdarg is used.[2]

#include <stdarg.h>
double average(int count, ...)
    va_list ap;
    int j;
    double sum = 0;
    va_start(ap, count); /* Requires the last fixed parameter (to get the address) */
    for (j = 0; j < count; j++) {
        sum += va_arg(ap, double); /* Increments ap to the next argument. */
    return sum / count;

This will compute the average of an arbitrary number of arguments. Note that the function does not know the number of arguments or their types. The above function requires that the types be double, and the number of arguments is passed in the first argument. In some other cases, for example printf, the number and types of arguments are figured out from a format string. In both cases, this depends on the programmer to supply the correct information. If fewer arguments are passed in than the function believes, or the types of arguments are incorrect, this could cause it to read into invalid areas of memory and can lead to vulnerabilities like the format string attack.

See also[edit]


  1. ^ Klemens, Ben (2014). 21st Century C: C Tips from the New School. O'Reilly Media, Inc. p. 224. ISBN 1491904445. 
  2. ^

External links[edit]