[cfe-dev] vprintf(3) and "format string is not a string literal"
Ted Kremenek
kremenek at apple.com
Mon Dec 17 11:07:36 PST 2007
On Dec 17, 2007, at 9:30 AM, Ted Kremenek wrote:
>
> On Dec 17, 2007, at 7:19 AM, Holger Schurig wrote:
>
>> I'm not subscribed to clang mailing list, so not sure if my mail
>> comes throught. I'm reading the list via gmane.
>>
>>
>> I guess utilizing gcc __attribute__((format(...))) would help
>> here. You could put that at the log
>>
>>
>> int logmessage(
>> int loglevel,
>> char const *fmt __attribute__ (format (printf, 2, 3))),
>> ...) {
>> // more code
>> }
>>
>> That way the compiler knows that fmt *IS* a format string and
>> won't need to warn when it is used in vprintf().
>>
>> Code that calls logmessage() would know that fmt is a printf-like
>> format string and can check calls to logmessage. This attribute
>> would even help in the case of call-backs.
>
> I like this solution. I think this would catch 90% of the correct
> cases, while suppressing most bogus messages.
I just committed patch r45114 that partially implements this solution:
http://llvm.org/viewvc/llvm-project?rev=45114&view=rev
Our support for attributes is still only preliminary, so right now I
have coded the format string checker to not emit a warning if the
format string for a vprintf-like function comes from the function
parameter of the caller. Later I will add the support to consult the
attributes of the calling function to see if it should be treated like
a printf function.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20071217/3710a864/attachment.html>
More information about the cfe-dev
mailing list