| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
llvm-svn: 93072
|
| |
|
|
|
|
| |
who prefers to be stealthy and mysterious.
llvm-svn: 91888
|
| |
|
|
|
|
|
|
|
| |
- This is designed to make it obvious that %clang_cc1 is a "test variable"
which is substituted. It is '%clang_cc1' instead of '%clang -cc1' because it
can be useful to redefine what gets run as 'clang -cc1' (for example, to set
a default target).
llvm-svn: 91446
|
| |
|
|
|
|
| |
clang-cc when they do.
llvm-svn: 89070
|
| |
|
|
| |
llvm-svn: 85450
|
| |
|
|
|
|
|
|
|
| |
NumArgs && "Arg access out of range!").
For format string checking, only check the type of the format
specifier for non-vararg functions.
llvm-svn: 71672
|
| |
|
|
|
|
| |
This enables one specific class of non-literal format warnings.
llvm-svn: 70368
|
| |
|
|
|
|
|
|
|
|
|
| |
1. All all variants of -Wformat*, make them imply -Wformat. GCC warns
if you use -Wformatfoo without -Wformat. We just make one imply the
other.
2. Make -Wformat-nonliteral default to off, like gcc. It is an incredible
nuisance.
3. Accept but currently ignore -Wformat-extra-args.
llvm-svn: 70362
|
| |
|
|
|
|
| |
Tests and drivers updated, still need to shuffle dirs.
llvm-svn: 67602
|
| |
|
|
|
|
|
|
| |
allow non-literal format strings that are variables that (a) permanently bind to
a string constant and (b) whose string constants are resolvable within the same
translation unit.
llvm-svn: 67404
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and escaped newlines don't throw off the offset computation.
On this testcase:
printf("abc\
def"
"%*d", (unsigned) 1, 1);
Before:
t.m:5:5: warning: field width should have type 'int', but argument has type 'unsigned int'
def"
^
after:
t.m:6:12: warning: field width should have type 'int', but argument has type 'unsigned int'
"%*d", (unsigned) 1, 1);
^ ~~~~~~~~~~~~
llvm-svn: 64930
|
| |
|
|
| |
llvm-svn: 64929
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
about, whether they are builtins or not. Use this to add the
appropriate "format" attribute to NSLog, NSLogv, asprintf, and
vasprintf, and to translate builtin attributes (from Builtins.def)
into actual attributes on the function declaration.
Use the "printf" format attribute on function declarations to
determine whether we should do format string checking, rather than
looking at an ad hoc list of builtins and "known" function names.
Be a bit more careful about when we consider a function a "builtin" in
C++.
llvm-svn: 64561
|
| |
|
|
| |
llvm-svn: 62119
|
| |
|
|
|
|
|
|
|
| |
Extend string-literal checking for printf() format string to handle conditional
ternary operators where both sides are literals.
This fixes PR 3319: http://llvm.org/bugs/show_bug.cgi?id=3319
llvm-svn: 62117
|
| |
|
|
|
|
|
| |
versions of sprintf and friends.
- Added FIXME that this mechanism should be generalized.
llvm-svn: 56962
|
| |
|
|
| |
llvm-svn: 55032
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- Like EXTENSION but always generates a warning (even without
-pedantic).
- Updated ptr -> int, int -> ptr, and incompatible cast warnings to
be EXTWARN.
- Other EXTENSION level diagnostics should be audited for upgrade.
- Updated several test cases to fix code which produced unanticipated
warnings.
llvm-svn: 54335
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
following hold:
(1) A vprintf-like function is called that takes the argument list via a
via_list argument.
(2) The format string is a non-literal that is the parameter value of
the enclosing function, e.g:
void logmessage(const char *fmt,...) {
va_list ap;
va_start(ap,fmt);
fprintf(fmt,ap); // Do not emit a warning.
}
In the future this special case will be enhanced to consult the "format"
attribute attached to a function declaration instead of just allowing a blank
check for all function parameters to be used as format strings to vprintf-like
functions. This will happen when more support for attributes becomes
available.
llvm-svn: 45114
|
| |
|
|
| |
llvm-svn: 42973
|
| |
|
|
|
|
|
|
|
| |
printf format strings. Added type checking to see if the matching
width/precision argument was of type 'int'.
Thanks to Anders Carlsson for reporting this missing feature.
llvm-svn: 42933
|
| |
|
|
|
|
| |
new diags.
llvm-svn: 42917
|
| |
|
|
|
|
|
| |
rename -parse-ast-dump to -ast-dump
remove -parse-ast, which is redundant with -fsyntax-only
llvm-svn: 42852
|
| |
|
|
|
|
|
|
|
|
|
|
| |
using "-parse-ast -verify".
Updated all test cases (using a sed script) that invoked -parse-ast-check to
now use -parse-ast -verify.
Fixed a bug where using "-verify" instead of "-parse-ast-check" would not
correctly create the DiagClient needed to accumulate diagnostics.
llvm-svn: 42365
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
family of functions. Previous functionality only included checking to
see if the format string was a string literal. Now we check parse the
format string (if it is a literal) and perform the following checks:
(1) Warn if: number conversions (e.g. "%d") != number data arguments.
(2) Warn about missing format strings (e.g., "printf()").
(3) Warn if the format string is not a string literal.
(4) Warn about the use se of '%n' conversion. This conversion is
discouraged for security reasons.
(5) Warn about malformed conversions. For example '%;', '%v'; these
are not valid.
(6) Warn about empty format strings; e.g. printf(""). Although these
can be optimized away by the compiler, they can be indicative of
broken programmer logic. We may need to add additional support to
see when such cases occur within macro expansion to avoid false
positives.
(7) Warn if the string literal is wide; e.g. L"%d".
(8) Warn if we detect a '\0' character WITHIN the format string.
Test cases are included.
llvm-svn: 41076
|
|
|
"I've coded up some support in clang to flag warnings for non-constant format strings used in calls to printf-like functions (all the functions listed in "man fprintf"). Non-constant format strings are a source of many security exploits in C/C++ programs, and I believe are currently detected by gcc using the flag -Wformat-nonliteral."
llvm-svn: 41003
|
