initial support for checking format strings, patch by Ted Kremenek:

"I've coded up some support in clang to flag warnings for non-constant format strings used in calls to printf-like functions (all the functions listed in "man fprintf").  Non-constant format strings are a source of many security exploits in C/C++ programs, and I believe are currently detected by gcc using the flag -Wformat-nonliteral."

llvm-svn: 41003

1 files changed, 23 insertions, 0 deletions

diff --git a/clang/test/Sema/format-strings.c b/clang/test/Sema/format-strings.c
new file mode 100644
index 00000000000..f71cd586458
--- /dev/null
+++ b/clang/test/Sema/format-strings.c
@@ -0,0 +1,23 @@
+// RUN: clang -parse-ast-check %s
+
+#include <stdio.h>
+#include <stdarg.h>
+
+void check_string_literal( FILE* fp, const char* s, char *buf, ... ) {
+
+  char * b;
+  va_list ap;
+  va_start(ap,buf);
+
+  printf(s); // expected-warning {{format string is not a string literal}}
+  vprintf(s,ap); // expected-warning {{format string is not a string liter}}
+  fprintf(fp,s); // expected-warning {{format string is not a string literal}}
+  vfprintf(fp,s,ap); // expected-warning {{format string is not a string lit}}
+  asprintf(&b,s); // expected-warning {{format string is not a string lit}}
+  vasprintf(&b,s,ap); // expected-warning {{format string is not a string lit}}
+  sprintf(buf,s); // expected-warning {{format string is not a string literal}}
+  snprintf(buf,2,s); // expected-warning {{format string is not a string lit}}
+  vsprintf(buf,s,ap); // expected-warning {{format string is not a string lit}}
+  vsnprintf(buf,2,s,ap); // expected-warning {{mat string is not a string lit}}
+}
+