[clang-tools-extra] Add bugprone-sprintf-argument-overlap (PR #114244)
Gábor Horváth via cfe-commits
cfe-commits at lists.llvm.org
Tue Jan 7 05:15:59 PST 2025
Xazax-hun wrote:
> this requires dataflow analysis to get a low false-positive rate
I think it might be possible to have low false positive rates without dataflow analysis. Currently, it looks like the check is looking for syntactically identical subexpressions. Those tend to overlap in most cases. That being said, I can imagine some cases where it is not really the case, like:
```
sprintf(st1.buf, return_format_string_and_modify_buf("%s", &st1.buf), st1.buf);
```
To filter these, the check would need to ensure that the pointer cannot be modified while the arguments are evaluated.
Are there any other false positives you anticipate?
That being said, we'd absolutely need dataflow analysis to reduce the number of false negatives when the arguments are not syntactically equivalent.
I think it would be OK to have a fast, syntactic check in `-Wall` and have a smarter dataflow-based check as opt-in somewhere else (can be compiler, tidy, or the clang static analyzer). I think implementing this check in the clang static analyzer would be relatively straightforward.
> I think this check should be generalized a bit more
Huge +1. I like the generalization ideas. No matter in what form we land this, I think people would benefit a lot from that.
https://github.com/llvm/llvm-project/pull/114244
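The overlap discussed in this message, as an added C example that is not part of the PR or of the comment above: the flagged call shapes appear only in a comment because they are undefined behaviour, and a runtime range test stands in for what a syntactic or dataflow check decides statically. `struct msg`, `ranges_overlap` and `append_checked` are hypothetical names chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed type mirroring the st1.buf spelling used in the comment above. */
struct msg { char buf[32]; };

/* Call shapes under discussion (not executed: destination overlaps a %s source):
 *   sprintf(st1.buf, "%s-x", st1.buf);               same spelling, a syntactic match
 *   char *p = st1.buf; sprintf(st1.buf, "%s-x", p);  alias, different spelling
 */

/* Do dst[0..cap) and src[0..len) share at least one byte? */
static int ranges_overlap(const char *dst, size_t cap, const char *src, size_t len) {
    uintptr_t d = (uintptr_t)dst, s = (uintptr_t)src;
    return s < d + cap && d < s + len;
}

/* Append suffix to the string already in dst without passing dst as a source.
 * Returns 0 on success, -1 if suffix aliases dst, dst is unterminated, or the
 * result would not fit (dst is left unchanged in every failure case). */
int append_checked(char *dst, size_t cap, const char *suffix) {
    if (ranges_overlap(dst, cap, suffix, strlen(suffix) + 1))
        return -1;
    const char *end = memchr(dst, '\0', cap);
    if (end == NULL)
        return -1;
    size_t used = (size_t)(end - dst);
    int n = snprintf(dst + used, cap - used, "%s", suffix);
    if (n < 0 || (size_t)n >= cap - used) {
        dst[used] = '\0';   /* undo the truncated partial append */
        return -1;
    }
    return 0;
}

int main(void) {
    struct msg st1 = { "abc" };
    char *alias = st1.buf + 1;   /* spelled differently, same object */
    printf("%d %s\n", append_checked(st1.buf, sizeof st1.buf, "-x"), st1.buf);
    printf("%d %s\n", append_checked(st1.buf, sizeof st1.buf, alias), st1.buf);
    return 0;
}
```

The second call in `main` is the aliased case: the arguments are not spelled the same, yet they refer to the same buffer.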