| ||
Do use fixed format strings, or format strings from a trusted source.
Do check and limit locale requests to valid values.
Do not pass user input directly as the format string to formatting functions.
Consider using higher-level languages that tend to be less vulnerable to this issue.