| Commit message (Collapse) | Author | Age | Files | Lines |
variables that have a pointer type, or arrays that contain pointers.
This fixes a crash on the following code:
int *h[3];
int **foo(int i)
{
  return &(h[i]);
}
This bug was reported by Keith Bauer (thanks!).
llvm-svn: 41546
|
implicit casts from T to T& at the topmost part of the return-value expression.
This checking may be needed within EvalAddr later on. We'll wait until
test cases show this kind of logic is necessary (as more C++ features are
implemented in clang).
llvm-svn: 41493
|
llvm-svn: 41454
|
t.c:3:9: warning: invalid conversion '%B'
printf("%B\a\n", p);
~~~~~~ ^
Don't beep the console or print the newline.
llvm-svn: 41453
|
llvm-svn: 41398
|
llvm-svn: 41396
|
to getBase and getIdx. getBase and getIdx now return a "normalized" view
of the expression (e.g., always "A[4]" instead of possibly "4[A]"). getLHS
and getRHS return the expressions with syntactic fidelity to the original
source code.
Also modified client code of ArraySubscriptExpr, including the AST dumper
and pretty printer, the return-stack value checker, and the LLVM code
generator.
llvm-svn: 41180
|
"return of stack addresses." ParseReturnStmt now calls CheckReturnStackAddr
to determine if the expression in the return statement evaluates to an
address of a stack variable. If so, we issue a warning.
llvm-svn: 41141
|
llvm-svn: 41140
|
llvm-svn: 41136
|
family of functions. Previous functionality only included checking to
see if the format string was a string literal. Now we parse the
format string (if it is a literal) and perform the following checks:
(1) Warn if: number conversions (e.g. "%d") != number data arguments.
(2) Warn about missing format strings (e.g., "printf()").
(3) Warn if the format string is not a string literal.
(4) Warn about the use of '%n' conversion. This conversion is
discouraged for security reasons.
(5) Warn about malformed conversions. For example '%;', '%v'; these
are not valid.
(6) Warn about empty format strings; e.g. printf(""). Although these
can be optimized away by the compiler, they can be indicative of
broken programmer logic. We may need to add additional support to
see when such cases occur within macro expansion to avoid false
positives.
(7) Warn if the string literal is wide; e.g. L"%d".
(8) Warn if we detect a '\0' character WITHIN the format string.
Test cases are included.
llvm-svn: 41076
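Added example, not clang's code and not part of the commit above: a minimal stand-alone checker for the checks that need only the bytes of the literal, namely (1), (4), (5), (6) and (8). The names check_format, skip_num, CHECK and the W_* bits are hypothetical, and the flag, '*' and conversion handling follows standard C printf as an assumption; checks (2), (3) and (7) need the compiler's view of the call and are left out.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Warning bits; the names are made up for this example. */
enum { W_EMPTY = 1, W_EMBEDDED_NUL = 2, W_PERCENT_N = 4,
       W_MALFORMED = 8, W_ARG_COUNT = 16 };
/* sizeof keeps bytes after an embedded '\0' visible to the checker. */
#define CHECK(lit, nargs) check_format(lit, sizeof(lit) - 1, nargs)

/* Skip a width or precision: '*' (consumes an int argument) or digits. */
static size_t skip_num(const char *f, size_t i, size_t len, int *needed)
{
    if (i < len && f[i] == '*') { ++*needed; return i + 1; }
    while (i < len && f[i] >= '0' && f[i] <= '9') i++;
    return i;
}

/* Check a narrow format literal of len bytes against nargs data arguments. */
unsigned check_format(const char *fmt, size_t len, int nargs)
{
    unsigned w = len ? 0 : W_EMPTY;                      /* check (6) */
    int needed = 0;
    for (size_t i = 0; i < len; i++) {
        if (fmt[i] == '\0') { w |= W_EMBEDDED_NUL; break; }  /* check (8): printf stops here */
        if (fmt[i] != '%') continue;
        i++;                                             /* step past '%' */
        while (i < len && fmt[i] && strchr("-+ #0", fmt[i])) i++;   /* flags */
        i = skip_num(fmt, i, len, &needed);              /* width */
        if (i < len && fmt[i] == '.')
            i = skip_num(fmt, i + 1, len, &needed);      /* precision */
        while (i < len && fmt[i] && strchr("hlLjzt", fmt[i])) i++;  /* length */
        if (i >= len || !fmt[i] || !strchr("diouxXeEfFgGaAcspn%", fmt[i])) {
            w |= W_MALFORMED;                            /* check (5) */
            i--;                                         /* rescan the offending byte */
            continue;
        }
        if (fmt[i] == 'n') w |= W_PERCENT_N;             /* check (4) */
        if (fmt[i] != '%') needed++;                     /* all but %% take an argument */
    }
    if (needed != nargs) w |= W_ARG_COUNT;               /* check (1) */
    return w;
}

int main(void)
{
    /* Constructed inputs: a clean call, then %n with a missing argument. */
    printf("%u %u\n", CHECK("%5.2f%%\n", 1), CHECK("%s%n", 1));
    return 0;
}
```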
|
by CheckPrintfArguments to determine if a given printf function
accepts a va_arg argument.
llvm-svn: 41008
|
"I've coded up some support in clang to flag warnings for non-constant format strings used in calls to printf-like functions (all the functions listed in "man fprintf"). Non-constant format strings are a source of many security exploits in C/C++ programs, and I believe are currently detected by gcc using the flag -Wformat-nonliteral."
llvm-svn: 41003
|