From e45150d3b17ee2298a07e344c8b20595f239cd45 Mon Sep 17 00:00:00 2001 From: Akira Hatanaka Date: Wed, 11 Jul 2018 22:19:14 +0000 Subject: [PATCH] os_log: When there are multiple privacy annotations in the format string, choose the strictest one instead of the last. Also fix an undefined behavior. Move the pointer update to a later point to avoid adding StringRef::npos to the pointer. rdar://problem/40706280 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@336863 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Analysis/PrintfFormatString.cpp | 11 ++++++----- test/CodeGen/builtins.c | 4 ++-- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/lib/Analysis/PrintfFormatString.cpp b/lib/Analysis/PrintfFormatString.cpp index 2e5841ecae..00591ab2b0 100644 --- a/lib/Analysis/PrintfFormatString.cpp +++ b/lib/Analysis/PrintfFormatString.cpp @@ -135,17 +135,16 @@ static PrintfSpecifierResult ParsePrintfSpecifier(FormatStringHandler &H, MatchedStr = Matches[1]; I += Matches[0].size(); - // Set the privacy flag if there is a privacy annotation in the - // comma-delimited segment. This overrides any privacy annotations that - // appeared in previous comma-delimited segments. + // Set the privacy flag if the privacy annotation in the + // comma-delimited segment is at least as strict as the privacy + // annotations in previous comma-delimited segments. if (MatchedStr.equals("private")) PrivacyFlags = clang::analyze_os_log::OSLogBufferItem::IsPrivate; - else if (MatchedStr.equals("public")) + else if (PrivacyFlags == 0 && MatchedStr.equals("public")) PrivacyFlags = clang::analyze_os_log::OSLogBufferItem::IsPublic; } else { size_t CommaOrBracePos = Str.find_if([](char c) { return c == ',' || c == '}'; }); - I += CommaOrBracePos + 1; if (CommaOrBracePos == StringRef::npos) { // Neither a comma nor the closing brace was found. @@ -153,6 +152,8 @@ static PrintfSpecifierResult ParsePrintfSpecifier(FormatStringHandler &H, H.HandleIncompleteSpecifier(Start, E - Start); return true; } + + I += CommaOrBracePos + 1; } // Continue until the closing brace is found. } while (*(I - 1) == ','); diff --git a/test/CodeGen/builtins.c b/test/CodeGen/builtins.c index 4059f16fbf..77b479e4c1 100644 --- a/test/CodeGen/builtins.c +++ b/test/CodeGen/builtins.c @@ -421,7 +421,7 @@ void test_builtin_os_log(void *buf, int i, const char *data) { // CHECK: %[[V5:.*]] = load i8*, i8** %[[DATA_ADDR]] // CHECK: %[[V6:.*]] = ptrtoint i8* %[[V5]] to i64 // CHECK: call void @__os_log_helper_1_3_4_4_0_8_34_4_17_8_49(i8* %[[V1]], i32 %[[V2]], i64 %[[V4]], i32 16, i64 %[[V6]]) - __builtin_os_log_format(buf, "%d %{private,public}s %{public,private}.16P", i, data, data); + __builtin_os_log_format(buf, "%d %{public}s %{private}.16P", i, data, data); // privacy annotations aren't recognized when they are preceded or followed // by non-whitespace characters. @@ -443,7 +443,7 @@ void test_builtin_os_log(void *buf, int i, const char *data) { // The last privacy annotation in the string wins. // CHECK: call void @__os_log_helper_1_3_1_8_33( - __builtin_os_log_format(buf, "%{ public, private, public, private}s", "abc"); + __builtin_os_log_format(buf, "%{ private, public, private, public}s", "abc"); } // CHECK-LABEL: define linkonce_odr hidden void @__os_log_helper_1_3_4_4_0_8_34_4_17_8_49 -- 2.40.0