[PATCH] Add field width to scanf %s format fixit

Zach Davis zdavkeos at gmail.com
Tue Mar 4 21:07:48 PST 2014


Background: Bug 18412 suggests that the compiler should issue a
security warning when a scanf %s format specifier does not include a
field width.  This is the second of 3 patches working toward this
(first was r202114).

This patch updates the fixit system to suggest a field width for %s
specifiers when the length of the target array is a known fixed size.

Example:

    char a[10];
    scanf("%s", a);
           ^-
           %9s

In order to determine the array length, the fixType function needs to
know the complete type of the argument, otherwise it is just the raw
pointer type that we can't reason about.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: scanf_fixit.patch
Type: text/x-patch
Size: 2675 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20140304/4cca9a49/attachment.bin>
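
The width rule behind the suggested fixit (a 10-byte array takes %9s, because %s stores up to <width> characters and then a terminating NUL), as an added example that is not part of the original message or the attached patch. The helper names read_into_ten and read_token are hypothetical, and the input string is constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>

/* The literal form the fixit suggests for a 10-byte array: width = 10 - 1. */
int read_into_ten(const char *input, char out[10])
{
    return sscanf(input, "%9s", out) == 1 ? (int)strlen(out) : -1;
}

/* Hypothetical helper for buffers whose size is only known at run time.
 * scanf has no "%*s" width argument ('*' means "suppress assignment"),
 * so the width has to be written into the format string itself.
 * Returns the token length, or -1 if nothing was read. */
int read_token(const char *input, char *dst, size_t dst_size)
{
    char fmt[32];

    if (dst_size < 2)   /* need one character plus the NUL; "%0s" is invalid */
        return -1;
    snprintf(fmt, sizeof fmt, "%%%zus", dst_size - 1);
    if (sscanf(input, fmt, dst) != 1)
        return -1;
    return (int)strlen(dst);
}

int main(void)
{
    /* Constructed input: a 26-character token, longer than the destination. */
    const char *input = "ABCDEFGHIJKLMNOPQRSTUVWXYZ rest";
    struct { char a[10]; char canary[4]; } s = { "", "xyz" };

    int n = read_into_ten(input, s.a);
    printf("stored %d chars: \"%s\", canary intact: %s\n",
           n, s.a, strcmp(s.canary, "xyz") == 0 ? "yes" : "no");

    char small[5];
    n = read_token(input, small, sizeof small);
    printf("runtime width: stored %d chars: \"%s\"\n", n, small);
    return 0;
}
```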

