[PATCH] D133197: [clang] Fix crash when parsing scanf format string with missing arguments
serge via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Sep 5 01:55:23 PDT 2022
This revision was automatically updated to reflect the committed changes.
Closed by commit rGab09043a1985: [clang] Fix crash when parsing scanf format string with missing arguments (authored by serge-sans-paille).
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D133197/new/
https://reviews.llvm.org/D133197
Files:
clang/lib/Sema/SemaChecking.cpp
clang/test/Sema/format-strings-scanf.c
Index: clang/test/Sema/format-strings-scanf.c
===================================================================
--- clang/test/Sema/format-strings-scanf.c
+++ clang/test/Sema/format-strings-scanf.c
@@ -69,6 +69,11 @@
scanf("%#.2Lf", ld); // expected-warning{{invalid conversion specifier '#'}}
}
+void missing_argument_with_length_modifier() {
+ char buf[30];
+ scanf("%s:%900s", buf); // expected-warning{{more '%' conversions than data arguments}}
+}
+
// Test that the scanf call site is where the warning is attached. If the
// format string is somewhere else, point to it in a note.
void pr9751(void) {
Index: clang/lib/Sema/SemaChecking.cpp
===================================================================
--- clang/lib/Sema/SemaChecking.cpp
+++ clang/lib/Sema/SemaChecking.cpp
@@ -1066,6 +1066,9 @@
return llvm::None;
unsigned NewIndex = *IndexOptional;
+ if (NewIndex >= TheCall->getNumArgs())
+ return llvm::None;
+
const Expr *ObjArg = TheCall->getArg(NewIndex);
uint64_t Result;
if (!ObjArg->tryEvaluateObjectSize(Result, getASTContext(), BOSType))
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D133197.457904.patch
Type: text/x-patch
Size: 1114 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20220905/acf9c298/attachment.bin>
More information about the cfe-commits
mailing list