[PATCH] D154838: [analyzer] Add check for null pointer passed to %p of printf family
Mital Ashok via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Jul 25 12:05:21 PDT 2023
MitalAshok added a comment.
Instead of checking for hard-coded names, you can check functions with the format(printf, x, y) <https://clang.llvm.org/docs/AttributeReference.html#format> attribute:
if (auto *Format = FD->getAttr<FormatAttr>())
CheckPrintfPointerConversionSpecifierNULL(C, CE, Format->getFormatIdx());
You also have to check for pointer types first. This currently warns on `printf("%d", 0)`, since `0` is a null pointer constant (This warning should only be `T*` pointer types, C2x and C++ `nullptr` and GNU `__null`).
Also this only works for null pointer *constants*. `printf("%p", (void*) 0)` is pretty rare. You ideally want this to warn on the following too:
void f(void* p) {
if (!p) printf("%p", p);
}
void g(void) {
void* p = NULL;
printf("%p", p);
}
Look into how the NonNullParamChecker works
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D154838/new/
https://reviews.llvm.org/D154838
More information about the cfe-commits
mailing list