[LLVMbugs] [Bug 1870] New: format string checker does not employ simple constant propagation

[bugzilla-daemon at cs.uiuc.edu]

http://llvm.org/bugs/show_bug.cgi?id=1870

           Summary: format string checker does not employ simple constant
                    propagation
           Product: clang
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: ASSIGNED
          Severity: enhancement
          Priority: P2
         Component: Semantic Analyzer
        AssignedTo: kremenek at cs.stanford.edu
        ReportedBy: kremenek at cs.stanford.edu
                CC: llvmbugs at cs.uiuc.edu


The following is a false positive (reported by Nico Weber) emitted by the
format string checker:

s0539:src nico$ cat test.c
#include "stdio.h"

int main() {
  char buf[1];
  sprintf(buf, 1 ? "" : "");
}
s0539:src nico$ ./clang test.c
running "/Users/nico/src/llvm-svn/Debug/bin/clang -fsyntax-only test.c"
test.c:5:16: warning: format string is not a string literal  
(potentially insecure)
  sprintf(buf, 1 ? "" : "");
  ~~~~~~~      ^
1 diagnostic generated.


The false positive is a result of the checker not performing simple constant
propagation of the string literal.  Such expressions may be the result of macro
expansion, and thus should be handled in order to suppress spurious warnings on
correct code.


-- 
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.