[cfe-commits] r150009 - in /cfe/trunk: lib/Sema/SemaChecking.cpp test/Sema/format-strings.c

Jean-Daniel Dupas devlists at shadowlab.org
Tue Feb 7 15:10:53 PST 2012 

Author: jddupas
Date: Tue Feb  7 17:10:53 2012
New Revision: 150009

URL: http://llvm.org/viewvc/llvm-project?rev=150009&view=rev
Log:
non-literal strftime format string is not unsafe.


Modified:
    cfe/trunk/lib/Sema/SemaChecking.cpp
    cfe/trunk/test/Sema/format-strings.c

Modified: cfe/trunk/lib/Sema/SemaChecking.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Sema/SemaChecking.cpp?rev=150009&r1=150008&r2=150009&view=diff
==============================================================================
--- cfe/trunk/lib/Sema/SemaChecking.cpp (original)
+++ cfe/trunk/lib/Sema/SemaChecking.cpp Tue Feb  7 17:10:53 2012
@@ -1584,6 +1584,11 @@
                              format_idx, firstDataArg, Type))
     return;  // Literal format string found, check done!
 
+  // Strftime is particular as it always uses a single 'time' argument,
+  // so it is safe to pass a non-literal string.
+  if (Type == FST_Strftime)
+    return;
+
   // Do not emit diag when the string param is a macro expansion and the
   // format is either NSString or CFString. This is a hack to prevent
   // diag when using the NSLocalizedString and CFCopyLocalizedString macros

Modified: cfe/trunk/test/Sema/format-strings.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Sema/format-strings.c?rev=150009&r1=150008&r2=150009&view=diff
==============================================================================
--- cfe/trunk/test/Sema/format-strings.c (original)
+++ cfe/trunk/test/Sema/format-strings.c Tue Feb  7 17:10:53 2012
@@ -491,6 +491,7 @@
 void test_other_formats() {
   char *str = "";
   monformat("", 1); // expected-warning{{format string is empty}}
+  monformat(str); // expected-warning{{format string is not a string literal (potentially insecure)}}
   dateformat(""); // expected-warning{{format string is empty}}
-  dateformat(str); // expected-warning{{format string is not a string literal (potentially insecure)}}
+  dateformat(str); // no-warning (using strftime non literal is not unsafe)
 }

More information about the cfe-commits mailing list