[PATCH] 18412 - Add warning when scanf %s is used without a field width
zdavkeos at gmail.com
Fri Mar 21 14:14:33 PDT 2014
Background: Bug 18412 suggests that the compiler should issue a
security warning when a scanf %s format specifier does not
include a field width. This is the third patch working toward
this (r202114, 204300).

This patch adds the actual warning. The warning is part of the
FormatSecurity warning group.

    test.c:14:10: warning: no field width in scanf string format specifier (potentially insecure)

Presently one of the tests in test/Sema/format-strings-scanf.c
fails due to the way the tests are executed (the file is
re-compiled with the -Wformat=0 option). I would appreciate any
advice on fixing this test case.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3055 bytes
Desc: not available
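
The check this message describes, as an added example in C (not the attached patch and not Clang's implementation): `count_unbounded_strings` is a hypothetical helper that walks a scanf format string and counts `%s` conversions with no field width. It goes beyond the message by also counting `%[...]` scansets, and it assumes `%*s` (no store) and POSIX `%ms` (scanf allocates the buffer) should not be counted; the sample formats are constructed.

```c
#include <ctype.h>
#include <stdio.h>

/* Count scanf conversions that store a string with no upper bound:
 * %s or %[...] with no field width. %*s (assignment suppressed) and
 * the POSIX %ms form (scanf allocates the buffer) are not counted. */
int count_unbounded_strings(const char *fmt)
{
    int hits = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')                 /* "%%" matches a literal percent */
            continue;
        int suppressed = 0, has_width = 0, allocates = 0;
        if (*p == '*') { suppressed = 1; p++; }
        while (isdigit((unsigned char)*p)) { has_width = 1; p++; }
        if (*p == 'm') { allocates = 1; p++; }
        while (*p == 'h' || *p == 'l' || *p == 'j' || *p == 'z' ||
               *p == 't' || *p == 'L' || *p == 'q')
            p++;                       /* length modifiers */
        if (*p == '\0')
            break;                     /* truncated directive */
        int stores_string = (*p == 's' || *p == '[');
        if (*p == '[') {               /* skip the scanset up to its ']' */
            p++;
            if (*p == '^') p++;
            if (*p == ']') p++;        /* a leading ']' is a set member */
            while (*p && *p != ']') p++;
            if (*p == '\0')
                break;
        }
        if (stores_string && !suppressed && !has_width && !allocates)
            hits++;
    }
    return hits;
}

int main(void)
{
    /* Constructed sample formats, not taken from the patch or its tests. */
    const char *samples[] = { "%s", "%15s", "%d %s %31s", "%*s %ms", "%[^\n]" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%d unbounded in \"%s\"\n",
               count_unbounded_strings(samples[i]), samples[i]);
    return 0;
}
```

The bounded form for a destination such as `char name[16]` is `%15s`, since the width excludes the terminating NUL that scanf appends.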