[clang] [analyzer] Fix format attribute handling in GenericTaintChecker (PR #132765)
Donát Nagy via cfe-commits
cfe-commits at lists.llvm.org
Wed Mar 26 02:46:57 PDT 2025
================
@@ -161,3 +161,45 @@ void top() {
clang_analyzer_isTainted(A.data); // expected-warning {{YES}}
}
} // namespace gh114270
+
+
+namespace format_attribute {
+__attribute__((__format__ (__printf__, 1, 2)))
+void log_nonmethod(const char *fmt, ...);
+
+void test_format_attribute_nonmethod() {
+ int n;
+ fscanf(stdin, "%d", &n); // Get a tainted value.
+
+ log_nonmethod("This number is suspicious: %d\n", n); // no-warning
+}
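Review bot: In test_format_attribute_nonmethod, the only call shown passes the tainted `n` as a variadic argument and expects no warning; the lines visible here have no companion case where the tainted value reaches the `fmt` parameter itself (index 1 in the `__format__` attribute). If the rest of the hunk does not already have one, adding such a case next to this call would pin down the expected behaviour for the format string argument as well as for the variadic ones. The two consecutive blank `+` lines before `namespace format_attribute` could also be reduced to one.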
----------------
NagyDonat wrote:
```suggestion
void log_freefunc(const char *fmt, ...);
void test_format_attribute_freefunc() {
  int n;
  fscanf(stdin, "%d", &n); // Get a tainted value.
  log_freefunc("This number is suspicious: %d\n", n); // no-warning
}
```
https://github.com/llvm/llvm-project/pull/132765