Warning : Format string is not a string literal (potentially insecure)

Question

I get the warning in the NSLog line

Format string is not a string literal(potentially insecure)

From the following code

NSMutableString  *MarqueeMessage = [[NSMutableString alloc]init];
[MarqueeMessage appendString:@"Abc"];
NSString *immutableString = MarqueeMessage;
NSLog(immutableString);

May I ask why after I changed the line into the following code, the warning is gone?

NSLog(immutableString,nil);

Answer 1

That's just the compiler's way of saying, "Hey, do you really know what you're doing?" The compiler is concerned that the input string may contain a percent character %, and you haven't specified the corresponding argument. Obviously, that's not the case based on the code you've provided, but the compiler isn't smart enough to figure that out.

By adding an argument (which could be anything including a number, a string, or nil) you convince the compiler that you know what you're doing. The alternative way to make the compiler happy is to output the string with code like this.

NSLog( @"%@", immutableString );

The advantage of this method is that unexpected format specifiers in the string (e.g. %s) won't cause any problems.