[cfe-commits] r126447 - in /cfe/trunk: lib/Sema/SemaChecking.cpp test/Sema/format-strings.c
Ted Kremenek
kremenek at apple.com
Thu Feb 24 15:03:04 PST 2011
Author: kremenek
Date: Thu Feb 24 17:03:04 2011
New Revision: 126447
URL: http://llvm.org/viewvc/llvm-project?rev=126447&view=rev
Log:
Don't warn about using PredefinedExprs as format string literals. These never can be a real security issue.
Fixes PR 9314.
Modified:
cfe/trunk/lib/Sema/SemaChecking.cpp
cfe/trunk/test/Sema/format-strings.c
Modified: cfe/trunk/lib/Sema/SemaChecking.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Sema/SemaChecking.cpp?rev=126447&r1=126446&r2=126447&view=diff
==============================================================================
--- cfe/trunk/lib/Sema/SemaChecking.cpp (original)
+++ cfe/trunk/lib/Sema/SemaChecking.cpp Thu Feb 24 17:03:04 2011
@@ -875,7 +875,7 @@
return false;
}
-// Handle i > 1 ? "x" : "y", recursivelly
+// Handle i > 1 ? "x" : "y", recursively.
bool Sema::SemaCheckStringLiteral(const Expr *E, const CallExpr *TheCall,
bool HasVAListArg,
unsigned format_idx, unsigned firstDataArg,
@@ -918,6 +918,12 @@
}
return false;
+ case Stmt::PredefinedExprClass:
+ // While __func__, etc., are technically not string literals, they
+ // cannot contain format specifiers and thus are not a security
+ // liability.
+ return true;
+
case Stmt::DeclRefExprClass: {
const DeclRefExpr *DR = cast<DeclRefExpr>(E);
Modified: cfe/trunk/test/Sema/format-strings.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Sema/format-strings.c?rev=126447&r1=126446&r2=126447&view=diff
==============================================================================
--- cfe/trunk/test/Sema/format-strings.c (original)
+++ cfe/trunk/test/Sema/format-strings.c Thu Feb 24 17:03:04 2011
@@ -350,3 +350,11 @@
void pr8486() {
printf("%s", 1); // expected-warning{{conversion specifies type 'char *' but the argument has type 'int'}}
}
+
+// PR9314
+// Don't warn about string literals that are PreDefinedExprs, e.g. __func__.
+void pr9314() {
+ printf(__PRETTY_FUNCTION__); // no-warning
+ printf(__func__); // no-warning
+}
+
More information about the cfe-commits
mailing list