diff options
| author | Chris Lattner <sabre@nondot.org> | 2007-08-10 20:18:51 +0000 |
|---|---|---|
| committer | Chris Lattner <sabre@nondot.org> | 2007-08-10 20:18:51 +0000 |
| commit | b87b1b36eea885786dface81cf487eaffec58796 (patch) | |
| tree | e72509b7fe58d851c2a8cf1290259ed00e5cd7ce /clang/Sema/Sema.h | |
| parent | d79671fdf29b51285d620d64425290c6c24def0f (diff) | |
| download | bcm5719-llvm-b87b1b36eea885786dface81cf487eaffec58796.tar.gz bcm5719-llvm-b87b1b36eea885786dface81cf487eaffec58796.zip | |
initial support for checking format strings, patch by Ted Kremenek:
"I've coded up some support in clang to flag warnings for non-constant format strings used in calls to printf-like functions (all the functions listed in "man fprintf"). Non-constant format strings are a source of many security exploits in C/C++ programs, and I believe are currently detected by gcc using the flag -Wformat-nonliteral."
llvm-svn: 41003
Diffstat (limited to 'clang/Sema/Sema.h')
| -rw-r--r-- | clang/Sema/Sema.h | 34 |
1 files changed, 33 insertions, 1 deletions
diff --git a/clang/Sema/Sema.h b/clang/Sema/Sema.h index b6d47971f0b..3cf75328c85 100644 --- a/clang/Sema/Sema.h +++ b/clang/Sema/Sema.h @@ -68,6 +68,28 @@ class Sema : public Action { /// us to associate a raw vector type with one of the OCU type names. /// This is only necessary for issuing pretty diagnostics. llvm::SmallVector<TypedefDecl*, 24> OCUVectorDecls; + + // Enum values used by KnownFunctionIDs (see below). + enum { + id_printf, + id_fprintf, + id_sprintf, + id_snprintf, + id_vsnprintf, + id_asprintf, + id_vasprintf, + id_vfprintf, + id_vsprintf, + id_vprintf, + id_num_known_functions + }; + + /// KnownFunctionIDs - This is a list of IdentifierInfo objects to a set + /// of known functions used by the semantic analysis to do various + /// kinds of checking (e.g. checking format string errors in printf calls). + /// This list is populated upon the creation of a Sema object. + IdentifierInfo* KnownFunctionIDs[ id_num_known_functions ]; + public: Sema(Preprocessor &pp, ASTContext &ctxt, std::vector<Decl*> &prevInGroup); @@ -395,7 +417,17 @@ private: /// a constant expression of type int with a value greater than zero. If the /// array has an incomplete type or a valid constant size, return false, /// otherwise emit a diagnostic and return true. - bool VerifyConstantArrayType(const ArrayType *ary, SourceLocation loc); + bool VerifyConstantArrayType(const ArrayType *ary, SourceLocation loc); + + //===--------------------------------------------------------------------===// + // Extra semantic analysis beyond the C type system + private: + + void CheckFunctionCall(Expr *Fn, FunctionDecl *FDecl, + Expr** Args, unsigned NumArgsInCall); + + void CheckPrintfArguments(Expr *Fn, FunctionDecl *FDecl, unsigned format_idx, + Expr** Args, unsigned NumArgsInCall); }; |
