summaryrefslogtreecommitdiffstats
path: root/clang/test/Sema/format-strings.c
Commit message (Collapse)AuthorAgeFilesLines
* Format strings: suggest %lld instead of %qd and %Ld with -Wformat-non-iso.Jordan Rose2012-09-081-0/+1
| | | | | | | As a corollary to the previous commit, even when an extension is available, we can still offer a fixit to the standard modifier. llvm-svn: 163453
* Format strings: %Ld isn't available on Darwin or Windows.Jordan Rose2012-09-081-11/+0
| | | | | | | | | This seems to be a GNU libc extension; we offer a fixit to %lld on these platforms. <rdar://problem/11518237> llvm-svn: 163452
* Properly check length modfiers for %n in format strings.Hans Wennborg2012-08-071-0/+27
| | | | llvm-svn: 161408
* -Wformat: better handling of qualifiers on pointer argumentsHans Wennborg2012-07-311-0/+16
| | | | | | | Warn about using pointers to const-qualified types as arguments to scanf. Ignore the volatile qualifier when checking if types match. llvm-svn: 161052
* Do not warn on correct use of the '%n' format specifier.Matt Beaumont-Gay2012-07-301-15/+6
| | | | | | | | While '%n' can be used for evil in an attacker-controlled format string, there isn't any acute danger in using it in a literal format string with an argument of the appropriate type. llvm-svn: 160984
* Make -Wformat check the argument type for %n.Hans Wennborg2012-07-301-6/+8
| | | | | | | This makes Clang check that the corresponding argument for "%n" in a format string is a pointer to int. llvm-svn: 160966
* Use the argument location instead of the format string location when warningMatt Beaumont-Gay2012-05-171-1/+6
| | | | | | | | | | | | | | | | | | about argument type mismatch. This gives a nicer diagnostic in cases like printf(fmt, i); where previously the snippet just pointed at 'fmt' (with a note at the definition of fmt). It's a wash for cases like printf("%f", i); where previously we snippeted the offending portion of the format string, but didn't indicate which argument was at fault. llvm-svn: 156968
* Merge branch 'format-string-braced-init'Matt Beaumont-Gay2012-05-111-0/+4
| | | | llvm-svn: 156653
* Fix a recent regression with the merging of format attributes.Rafael Espindola2012-05-111-0/+17
| | | | llvm-svn: 156597
* Make -Wformat accept printf("%hhx", c); with -funsigned-charHans Wennborg2012-05-081-0/+6
| | | | | | | | | For "%hhx", printf expects an unsigned char. This makes Clang accept a 'char' argument for that also when using -funsigned-char. This fixes PR12761. llvm-svn: 156388
* Add a predefine __WINT_UNSIGNED__, similar to __WCHAR_UNSIGNED__, and test ↵James Molloy2012-05-041-0/+5
| | | | | | | | | | them both for ARM and X86. Use this to fully fix Sema/format-strings.c for non-x86 platforms. Reviewed by Chandler on IRC. llvm-svn: 156169
* Fix handling of wint_t - we can't assume wint_t is purely an integer ↵James Molloy2012-05-041-7/+4
| | | | | | | | | | | | promotion of wchar_t - they may differ in signedness. Teach ASTContext about WIntType, and have it taken from TargetInfo like WCharType. Should fix test/Sema/format-strings.c for ARM, with the exception of one subtest which will fail if wint_t and wchar_t are the same size and wint_t is signed, wchar_t is unsigned. There'll be a followup commit to fix that. Reviewed by Chandler and Hans at http://llvm.org/reviews/r/8 llvm-svn: 156165
* Add a test for r156092.Bob Wilson2012-05-031-1/+8
| | | | llvm-svn: 156132
* Warn about non-standard format strings (pr12017)Hans Wennborg2012-02-221-1/+0
| | | | | | | | | This adds the -Wformat-non-standard flag (off by default, enabled by -pedantic), which warns about non-standard things in format strings (such as the 'q' length modifier, the 'S' conversion specifier, etc.) llvm-svn: 151154
* When calling a non variadic format function(vprintf, vscanf, NSLogv, …), ↵Jean-Daniel Dupas2012-02-211-6/+29
| | | | | | warn if the format string argument is a parameter that is not itself declared as a format string with compatible format. llvm-svn: 151080
* Format string analysis: give 'q' its own enumerator.Hans Wennborg2012-02-161-1/+3
| | | | | | | | | This is in preparation for being able to warn about 'q' and other non-standard format string features. It also allows us to print its name correctly. llvm-svn: 150697
* Fix typo in PrintfConversionSpecifier::isDoubleArg()Hans Wennborg2012-02-131-0/+2
| | | | | | | This makes the printf diagnostics issue warnigns for %a, %A, %e, etc. when used with the wrong argument. llvm-svn: 150370
* non-literal strftime format string is not unsafe.Jean-Daniel Dupas2012-02-071-1/+2
| | | | llvm-svn: 150009
* FormatCheckers should emit all diagnostics using EmitFormatDiagnostic().Jean-Daniel Dupas2012-01-311-0/+3
| | | | llvm-svn: 149394
* Update on format attribute handling.Jean-Daniel Dupas2012-01-301-0/+11
| | | | | | | - Remove the printf0 special handling as we treat it as printf anyway. - Perform basic checks (non-literal, empty) for all formats and not only printf/scanf. llvm-svn: 149236
* Teach scanf/printf checking about '%Ld' and friends (a GNU extension). ↵Ted Kremenek2012-01-241-0/+11
| | | | | | Fixes PR 9466. llvm-svn: 148859
* Tighten format string diagnostic and make it a bit clearer (and a bit closer ↵Ted Kremenek2012-01-201-22/+22
| | | | | | to GCC's). llvm-svn: 148579
* Fix for PR9751 to change the behavior of -Wformat warnings. If the formatRichard Trieu2011-10-281-0/+76
| | | | | | | | | | | string is part of the function call, then there is no difference. If the format string is not, the warning will point to the call site and a note will point to where the format string is. Fix-it hints for strings are moved to the note if a note is emitted. This will prevent changes to format strings that may be used in multiple places. llvm-svn: 143168
* Tweak printf format string parsing to accept 'hh' conversion specifier to ↵Ted Kremenek2011-10-251-0/+6
| | | | | | accept any char, not just signed char. Fixes <rdar://problem/10303638>. llvm-svn: 142908
* Do not warn about empty format strings when there are no data arguments. ↵Ted Kremenek2011-09-291-1/+6
| | | | | | Fixes <rdar://problem/9473155>. llvm-svn: 140777
* Control 'invalid conversion specifier' warnings under a subflag ↵Ted Kremenek2011-08-271-0/+10
| | | | | | (-Wformat-invalid-specifier) of -Wformat. Fixes <rdar://problem/10031930>. llvm-svn: 138686
* Revert r135147 and r135075. The consensus was that this wasn't the right ↵Ted Kremenek2011-07-141-1/+1
| | | | | | thing to do. llvm-svn: 135152
* Reapply r135075, but modify format-strings.c and format-strings-fixit.c test ↵Ted Kremenek2011-07-141-1/+1
| | | | | | cases to be more portable with an explicit target triple. llvm-svn: 135134
* Re-relax conversion specifier checking for printf format strings and ↵Ted Kremenek2011-07-131-2/+2
| | | | | | conversion specifiers. My recent change was a mistake. llvm-svn: 135048
* Fix inversion in argument type checking for format strings with conversion ↵Ted Kremenek2011-07-131-0/+9
| | | | | | specifiers for character types. llvm-svn: 135046
* Don't add redundant FormatAttr, ConstAttr, or NoThrowAttr attributes,Douglas Gregor2011-06-151-0/+5
| | | | | | | either imlicitly (for builtins) or explicitly (due to multiple specification of the same attributes). Fixes <rdar://problem/9612060>. llvm-svn: 133045
* Don't warn about using PredefinedExprs as format string literals. These ↵Ted Kremenek2011-02-241-0/+8
| | | | | | | | never can be a real security issue. Fixes PR 9314. llvm-svn: 126447
* Allow -Wformat to be enabled without -Wformat-security. GCC gatesChandler Carruth2011-02-211-0/+10
| | | | | | | | -Wformat-security on -Wformat, not vice-versa. Fixes PR8486. Patch by Oleg Slezberg. llvm-svn: 126096
* Add semantic checking that the "thousands grouping"Ted Kremenek2011-01-081-0/+3
| | | | | | | prefix in a printf format string is matched with the appropriate conversion specifier. llvm-svn: 123055
* Add printf format string parsing support for 'Ted Kremenek2011-01-081-0/+6
| | | | | | prefix to format conversions (POSIX extension). llvm-svn: 123054
* Fix range in printf warnings for invalid conversion specifiers.Ted Kremenek2010-12-021-0/+1
| | | | llvm-svn: 120735
* The 'X' printf type has a valid alternative form. Fixes PR8641.Anders Carlsson2010-11-211-0/+5
| | | | llvm-svn: 119946
* Previously, the printf warnings would say your arguments type was 'int' when ↵Ted Kremenek2010-10-211-1/+9
| | | | | | | | | | it was really a 'char' or a 'short'. This fixes that and allows the hints to suggest 'h' modifiers for small ints. Patch by Justin Bogner! llvm-svn: 116996
* Check format strings when a called function has more than one FormatAttr ↵Ted Kremenek2010-09-091-1/+10
| | | | | | (one for 'scanf' and one for 'printf'). Fixes <rdar://problem/8409437>. llvm-svn: 113472
* It appears that technically a null format string is not warned under ↵Ted Kremenek2010-09-091-0/+7
| | | | | | | | -Wformat-nonliteral, as the function processing the format string can decided whether or not to accept a null format string (e.g., asl_log). Fixes <rdar://problem/8269537>. llvm-svn: 113469
* Fix printf format string checking for '%lc' (which expects a wint_t or ↵Ted Kremenek2010-08-241-0/+15
| | | | | | compatible argument). Fixes PR 7981. llvm-svn: 111978
* Don't warn when a '%%' or '%*d' (scanf) is used in a format string with ↵Ted Kremenek2010-07-191-0/+2
| | | | | | | | positional arguments, since these don't actually consume an argument. llvm-svn: 108757
* Bug 7377: printf checking fails to flag some undefined behavior Tom Care2010-06-211-4/+2
| | | | | | | | | | | | | | | | | http://llvm.org/bugs/show_bug.cgi?id=7377 Updated format string highlighting and fixits to take advantage of the new CharSourceRange class. - Change HighlightRange to allow highlighting whitespace only in a CharSourceRange (for warnings about the ' ' (space) flag) - Change format specifier range helper function to allow for half-open ranges (+1 to end) - Enabled previously failing tests (FIXMEs/XFAILs removed) - Small fixes and additions to format string test cases M test/Sema/format-strings.c M test/Sema/format-strings-fixit.c M lib/Frontend/TextDiagnosticPrinter.cpp M lib/Sema/SemaChecking.cpp llvm-svn: 106480
* Bug 7377: Fixed several bad printf format string bugs.Tom Care2010-06-171-7/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Added warning for undefined behavior when using field specifier - Added warning for undefined behavior when using length modifier - Fixed warnings for invalid flags - Added warning for ignored flags - Added fixits for the above warnings - Fixed accuracy of detecting several undefined behavior conditions - Receive normal warnings in addition to security warnings when using %n - Fix bug where '+' flag would remain on unsigned conversion suggestions Summary of changes: - Added expanded tests - Added/expanded warnings - Added position info to OptionalAmounts for fixits - Extracted optional flags to a wrapper class with position info for fixits - Added several methods to validate a FormatSpecifier by component, each checking for undefined behavior - Fixed conversion specifier checking to conform to C99 standard - Added hooks to detect the invalid states in CheckPrintfHandler::HandleFormatSpecifier Note: warnings involving the ' ' (space) flag are temporarily disabled until whitespace highlighting no longer triggers assertions. I will make a post about this on cfe-dev shortly. M test/Sema/format-strings.c M include/clang/Basic/DiagnosticSemaKinds.td M include/clang/Analysis/Analyses/PrintfFormatString.h M lib/Analysis/PrintfFormatString.cpp M lib/Sema/SemaChecking.cpp llvm-svn: 106233
* Fix format string checking of '%c' by treating it as an integer conversion. ↵Ted Kremenek2010-06-171-0/+2
| | | | | | Fixes PR 7391. llvm-svn: 106196
* Extend format string type-checking to include '%p'. Fixes remaining cases ↵Ted Kremenek2010-06-161-0/+1
| | | | | | PR 4468. llvm-svn: 106151
* Tell the string literal parser when it's not permitted to emitDouglas Gregor2010-05-261-0/+3
| | | | | | | | diagnostics. That would be while we're parsing string literals for the sole purpose of producing a diagnostic about them. Fixes <rdar://problem/8026030>. llvm-svn: 104684
* Whenever we complain about a failed initialization of a function orDouglas Gregor2010-04-221-2/+2
| | | | | | | | | | | | | | | | | method parameter, provide a note pointing at the parameter itself so the user does not have to manually look for the function/method being called and match up parameters to arguments. For example, we now get: t.c:4:5: warning: incompatible pointer types passing 'long *' to parameter of type 'int *' [-pedantic] f(long_ptr); ^~~~~~~~ t.c:1:13: note: passing argument to parameter 'x' here void f(int *x); ^ llvm-svn: 102038
* Fix two bugs in format-string checking:Ted Kremenek2010-03-251-0/+13
| | | | | | | | | (1) Do not assume the data arguments start after the format string (2) Do not use the fact that a function is variadic to treat it like a va_list printf function Fixes PR 6697. llvm-svn: 99480
* Allow a '0' precision in format strings (as the man page says it is okay).Ted Kremenek2010-03-011-0/+3
| | | | | | Fixes <rdar://problem/7700339>. llvm-svn: 97482
OpenPOWER on IntegriCloud