[cfe-commits] r113469 - in /cfe/trunk: lib/Sema/SemaChecking.cpp test/Sema/format-strings.c
Ted Kremenek
kremenek at apple.com
Wed Sep 8 20:51:43 PDT 2010
Author: kremenek
Date: Wed Sep 8 22:51:42 2010
New Revision: 113469
URL: http://llvm.org/viewvc/llvm-project?rev=113469&view=rev
Log:
It appears that technically a null format string is not warned under -Wformat-nonliteral, as
the function processing the format string can decided whether or not to accept a null format string (e.g., asl_log). Fixes <rdar://problem/8269537>.
Modified:
cfe/trunk/lib/Sema/SemaChecking.cpp
cfe/trunk/test/Sema/format-strings.c
Modified: cfe/trunk/lib/Sema/SemaChecking.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Sema/SemaChecking.cpp?rev=113469&r1=113468&r2=113469&view=diff
==============================================================================
--- cfe/trunk/lib/Sema/SemaChecking.cpp (original)
+++ cfe/trunk/lib/Sema/SemaChecking.cpp Wed Sep 8 22:51:42 2010
@@ -955,6 +955,13 @@
format_idx, firstDataArg, isPrintf);
}
+ case Stmt::IntegerLiteralClass:
+ // Technically -Wformat-nonliteral does not warn about this case.
+ // The behavior of printf and friends in this case is implementation
+ // dependent. Ideally if the format string cannot be null then
+ // it should have a 'nonnull' attribute in the function prototype.
+ return true;
+
case Stmt::ImplicitCastExprClass: {
E = cast<ImplicitCastExpr>(E)->getSubExpr();
goto tryAgain;
Modified: cfe/trunk/test/Sema/format-strings.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Sema/format-strings.c?rev=113469&r1=113468&r2=113469&view=diff
==============================================================================
--- cfe/trunk/test/Sema/format-strings.c (original)
+++ cfe/trunk/test/Sema/format-strings.c Wed Sep 8 22:51:42 2010
@@ -301,3 +301,10 @@
printf("%lc", c2); // no-warning
}
+// <rdar://problem/8269537> -Wformat-security says NULL is not a string literal
+void r8269537() {
+ // This is likely to crash in most cases, but -Wformat-nonliteral technically
+ // doesn't warn in this case.
+ printf(0); // no-warning
+}
+
More information about the cfe-commits
mailing list