From: Ted Kremenek Date: Thu, 9 Sep 2010 03:51:42 +0000 (+0000) Subject: It appears that technically a null format string is not warned under -Wformat-nonlite... X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=95355bb53ef3145e463b98c6fd26f8f95e26e26c;p=clang It appears that technically a null format string is not warned under -Wformat-nonliteral, as the function processing the format string can decided whether or not to accept a null format string (e.g., asl_log). Fixes . git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@113469 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/lib/Sema/SemaChecking.cpp b/lib/Sema/SemaChecking.cpp index 6092348004..1a7bd1d07f 100644 --- a/lib/Sema/SemaChecking.cpp +++ b/lib/Sema/SemaChecking.cpp @@ -955,6 +955,13 @@ bool Sema::SemaCheckStringLiteral(const Expr *E, const CallExpr *TheCall, format_idx, firstDataArg, isPrintf); } + case Stmt::IntegerLiteralClass: + // Technically -Wformat-nonliteral does not warn about this case. + // The behavior of printf and friends in this case is implementation + // dependent. Ideally if the format string cannot be null then + // it should have a 'nonnull' attribute in the function prototype. + return true; + case Stmt::ImplicitCastExprClass: { E = cast(E)->getSubExpr(); goto tryAgain; diff --git a/test/Sema/format-strings.c b/test/Sema/format-strings.c index 2325454c0b..9e8007b9b0 100644 --- a/test/Sema/format-strings.c +++ b/test/Sema/format-strings.c @@ -301,3 +301,10 @@ void pr7981(wint_t c, wchar_t c2) { printf("%lc", c2); // no-warning } +// -Wformat-security says NULL is not a string literal +void r8269537() { + // This is likely to crash in most cases, but -Wformat-nonliteral technically + // doesn't warn in this case. + printf(0); // no-warning +} +