summaryrefslogtreecommitdiffstats
path: root/clang/test/Sema/format-strings.c
Commit message (Collapse)AuthorAgeFilesLines
...
* Re-relax conversion specifier checking for printf format strings and ↵Ted Kremenek2011-07-131-2/+2
| | | | | | conversion specifiers. My recent change was a mistake. llvm-svn: 135048
* Fix inversion in argument type checking for format strings with conversion ↵Ted Kremenek2011-07-131-0/+9
| | | | | | specifiers for character types. llvm-svn: 135046
* Don't add redundant FormatAttr, ConstAttr, or NoThrowAttr attributes,Douglas Gregor2011-06-151-0/+5
| | | | | | | either imlicitly (for builtins) or explicitly (due to multiple specification of the same attributes). Fixes <rdar://problem/9612060>. llvm-svn: 133045
* Don't warn about using PredefinedExprs as format string literals. These ↵Ted Kremenek2011-02-241-0/+8
| | | | | | | | never can be a real security issue. Fixes PR 9314. llvm-svn: 126447
* Allow -Wformat to be enabled without -Wformat-security. GCC gatesChandler Carruth2011-02-211-0/+10
| | | | | | | | -Wformat-security on -Wformat, not vice-versa. Fixes PR8486. Patch by Oleg Slezberg. llvm-svn: 126096
* Add semantic checking that the "thousands grouping"Ted Kremenek2011-01-081-0/+3
| | | | | | | prefix in a printf format string is matched with the appropriate conversion specifier. llvm-svn: 123055
* Add printf format string parsing support for 'Ted Kremenek2011-01-081-0/+6
| | | | | | prefix to format conversions (POSIX extension). llvm-svn: 123054
* Fix range in printf warnings for invalid conversion specifiers.Ted Kremenek2010-12-021-0/+1
| | | | llvm-svn: 120735
* The 'X' printf type has a valid alternative form. Fixes PR8641.Anders Carlsson2010-11-211-0/+5
| | | | llvm-svn: 119946
* Previously, the printf warnings would say your arguments type was 'int' when ↵Ted Kremenek2010-10-211-1/+9
| | | | | | | | | | it was really a 'char' or a 'short'. This fixes that and allows the hints to suggest 'h' modifiers for small ints. Patch by Justin Bogner! llvm-svn: 116996
* Check format strings when a called function has more than one FormatAttr ↵Ted Kremenek2010-09-091-1/+10
| | | | | | (one for 'scanf' and one for 'printf'). Fixes <rdar://problem/8409437>. llvm-svn: 113472
* It appears that technically a null format string is not warned under ↵Ted Kremenek2010-09-091-0/+7
| | | | | | | | -Wformat-nonliteral, as the function processing the format string can decided whether or not to accept a null format string (e.g., asl_log). Fixes <rdar://problem/8269537>. llvm-svn: 113469
* Fix printf format string checking for '%lc' (which expects a wint_t or ↵Ted Kremenek2010-08-241-0/+15
| | | | | | compatible argument). Fixes PR 7981. llvm-svn: 111978
* Don't warn when a '%%' or '%*d' (scanf) is used in a format string with ↵Ted Kremenek2010-07-191-0/+2
| | | | | | | | positional arguments, since these don't actually consume an argument. llvm-svn: 108757
* Bug 7377: printf checking fails to flag some undefined behavior Tom Care2010-06-211-4/+2
| | | | | | | | | | | | | | | | | http://llvm.org/bugs/show_bug.cgi?id=7377 Updated format string highlighting and fixits to take advantage of the new CharSourceRange class. - Change HighlightRange to allow highlighting whitespace only in a CharSourceRange (for warnings about the ' ' (space) flag) - Change format specifier range helper function to allow for half-open ranges (+1 to end) - Enabled previously failing tests (FIXMEs/XFAILs removed) - Small fixes and additions to format string test cases M test/Sema/format-strings.c M test/Sema/format-strings-fixit.c M lib/Frontend/TextDiagnosticPrinter.cpp M lib/Sema/SemaChecking.cpp llvm-svn: 106480
* Bug 7377: Fixed several bad printf format string bugs.Tom Care2010-06-171-7/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Added warning for undefined behavior when using field specifier - Added warning for undefined behavior when using length modifier - Fixed warnings for invalid flags - Added warning for ignored flags - Added fixits for the above warnings - Fixed accuracy of detecting several undefined behavior conditions - Receive normal warnings in addition to security warnings when using %n - Fix bug where '+' flag would remain on unsigned conversion suggestions Summary of changes: - Added expanded tests - Added/expanded warnings - Added position info to OptionalAmounts for fixits - Extracted optional flags to a wrapper class with position info for fixits - Added several methods to validate a FormatSpecifier by component, each checking for undefined behavior - Fixed conversion specifier checking to conform to C99 standard - Added hooks to detect the invalid states in CheckPrintfHandler::HandleFormatSpecifier Note: warnings involving the ' ' (space) flag are temporarily disabled until whitespace highlighting no longer triggers assertions. I will make a post about this on cfe-dev shortly. M test/Sema/format-strings.c M include/clang/Basic/DiagnosticSemaKinds.td M include/clang/Analysis/Analyses/PrintfFormatString.h M lib/Analysis/PrintfFormatString.cpp M lib/Sema/SemaChecking.cpp llvm-svn: 106233
* Fix format string checking of '%c' by treating it as an integer conversion. ↵Ted Kremenek2010-06-171-0/+2
| | | | | | Fixes PR 7391. llvm-svn: 106196
* Extend format string type-checking to include '%p'. Fixes remaining cases ↵Ted Kremenek2010-06-161-0/+1
| | | | | | PR 4468. llvm-svn: 106151
* Tell the string literal parser when it's not permitted to emitDouglas Gregor2010-05-261-0/+3
| | | | | | | | diagnostics. That would be while we're parsing string literals for the sole purpose of producing a diagnostic about them. Fixes <rdar://problem/8026030>. llvm-svn: 104684
* Whenever we complain about a failed initialization of a function orDouglas Gregor2010-04-221-2/+2
| | | | | | | | | | | | | | | | | method parameter, provide a note pointing at the parameter itself so the user does not have to manually look for the function/method being called and match up parameters to arguments. For example, we now get: t.c:4:5: warning: incompatible pointer types passing 'long *' to parameter of type 'int *' [-pedantic] f(long_ptr); ^~~~~~~~ t.c:1:13: note: passing argument to parameter 'x' here void f(int *x); ^ llvm-svn: 102038
* Fix two bugs in format-string checking:Ted Kremenek2010-03-251-0/+13
| | | | | | | | | (1) Do not assume the data arguments start after the format string (2) Do not use the fact that a function is variadic to treat it like a va_list printf function Fixes PR 6697. llvm-svn: 99480
* Allow a '0' precision in format strings (as the man page says it is okay).Ted Kremenek2010-03-011-0/+3
| | | | | | Fixes <rdar://problem/7700339>. llvm-svn: 97482
* Fix crasher caused by setting a bit in a possibly empty bitvector whileTed Kremenek2010-02-271-0/+1
| | | | | | doing printf format string checking. This is a recent regression. llvm-svn: 97318
* For printf format string checking, add support for positional format strings.Ted Kremenek2010-02-271-0/+13
| | | | | | Along the way, coelesce some of the diagnostics. llvm-svn: 97297
* For printf format string checking, move the tracking of the data argument ↵Ted Kremenek2010-02-261-2/+2
| | | | | | | | | index out of Sema and into analyze_printf::ParseFormatString(). Also use a bitvector to determine what arguments have been covered (instead of just checking to see if the last argument consumed is the max argument). This is prep. for support positional arguments (an IEEE extension). llvm-svn: 97248
* Disable one test case because of the inconsistent results it is giving onTed Kremenek2010-02-241-1/+3
| | | | | | Windows and Mac OS X. Will investigate later. llvm-svn: 97016
* Add support for '%C' and '%S' printf conversion specifiers.Ted Kremenek2010-02-241-0/+15
| | | | llvm-svn: 97005
* Add test case to show that Clang now checks the format stringTed Kremenek2010-02-161-1/+4
| | | | | | arguments of asprintf (<rdar://problem/6657191>). llvm-svn: 96319
* Fix test case.Ted Kremenek2010-02-161-1/+1
| | | | llvm-svn: 96311
* Refactor the logic for printf argument type-checking into ↵Ted Kremenek2010-02-161-0/+6
| | | | | | | | | | analyze_printf::ArgTypeResult. Implement printf argument type checking for '%s'. Fixes <rdar://problem/3065808>. llvm-svn: 96310
* Patch by Cristian Draghici:Ted Kremenek2010-02-111-0/+12
| | | | | | | | | | | | Enhance the printf format string checking when using the format specifier flags ' ', '0', '+' with the 'p' or 's' conversions (since they are nonsensical and undefined). This is similar to GCC's checking. Also warning when a precision is used with the 'p' conversin specifier, since it has no meaning. llvm-svn: 95869
* Implement promotion for enumeration types.Douglas Gregor2010-02-021-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | WHAT!?! It turns out that Type::isPromotableIntegerType() was not considering enumeration types to be promotable, so we would never do the promotion despite having properly computed the promotion type when the enum was defined. Various operations on values of enum type just "worked" because we could still compute the integer rank of an enum type; the oddity, however, is that operations such as "add an enum and an unsigned" would often have an enum result type (!). The bug actually showed up as a spurious -Wformat diagnostic (<rdar://problem/7595366>), but in theory it could cause miscompiles. In this commit: - Enum types with a promotion type of "int" or "unsigned int" are promotable. - Tweaked the computation of promotable types for enums - For all of the ABIs, treat enum types the same way as their underlying types (*not* their promotion types) for argument passing and return values - Extend the ABI tester with support for enumeration types llvm-svn: 95117
* Add format string type checking support for 'long double'.Ted Kremenek2010-02-011-0/+2
| | | | llvm-svn: 95026
* Format string checking: selectively ignore implicit casts to 'int'Ted Kremenek2010-02-011-0/+5
| | | | | | | | when checking if the format specifier matches the type of the data argument and the length modifier indicates the data type is 'char' or 'short'. llvm-svn: 94992
* Recognize 'q' as a format length modifier (from BSD).Daniel Dunbar2010-01-301-1/+2
| | | | llvm-svn: 94894
* Add format string checking of 'double' arguments. Fixes ↵Ted Kremenek2010-01-301-0/+1
| | | | | | <rdar://problem/6931734>. llvm-svn: 94867
* Add basic type checking of format string conversion specifiers and their ↵Ted Kremenek2010-01-301-2/+10
| | | | | | arguments. Thanks to Cristian Draghici for his help with this patch! llvm-svn: 94864
* Be a little more permissive than C99: allow 'unsigned' to be used forTed Kremenek2010-01-291-3/+8
| | | | | | | the field width and precision of a format specifier instead of just 'int'. This matches GCC, and fixes <rdar://problem/6079850>. llvm-svn: 94856
* Switch Sema over to using the new implementation of format stringTed Kremenek2010-01-291-4/+22
| | | | | | | | | checking. It passes all existing tests, and the diagnostics have been refined to provide better range information (we now highlight individual format specifiers) and more precise wording in the diagnostics. llvm-svn: 94837
* add a bunch of missing prototypes to testsChris Lattner2010-01-091-0/+1
| | | | llvm-svn: 93072
* fix a bug handling the gnu ?: extension. Patch by Storlek on IRC,Chris Lattner2009-12-221-0/+1
| | | | | | who prefers to be stealthy and mysterious. llvm-svn: 91888
* Update tests to use %clang_cc1 instead of 'clang-cc' or 'clang -cc1'.Daniel Dunbar2009-12-151-1/+1
| | | | | | | | | - This is designed to make it obvious that %clang_cc1 is a "test variable" which is substituted. It is '%clang_cc1' instead of '%clang -cc1' because it can be useful to redefine what gets run as 'clang -cc1' (for example, to set a default target). llvm-svn: 91446
* Don't #include <stdio.h> when tests don't need it, or use clang instead of ↵Daniel Dunbar2009-11-171-8/+11
| | | | | | clang-cc when they do. llvm-svn: 89070
* Fix some Window-isms to get these tests to pass on Windows.John Thompson2009-10-291-1/+5
| | | | llvm-svn: 85450
* Fix <rdar://problem/6880975> [format string] Assertion failed: (Arg < ↵Ted Kremenek2009-05-131-0/+5
| | | | | | | | | NumArgs && "Arg access out of range!"). For format string checking, only check the type of the format specifier for non-vararg functions. llvm-svn: 71672
* implement -Wformat-security properly, which is enabled by default.Chris Lattner2009-04-291-0/+12
| | | | | | This enables one specific class of non-literal format warnings. llvm-svn: 70368
* tweak warning options to be more like gcc:Chris Lattner2009-04-291-1/+1
| | | | | | | | | | | 1. All all variants of -Wformat*, make them imply -Wformat. GCC warns if you use -Wformatfoo without -Wformat. We just make one imply the other. 2. Make -Wformat-nonliteral default to off, like gcc. It is an incredible nuisance. 3. Accept but currently ignore -Wformat-extra-args. llvm-svn: 70362
* Rename clang to clang-cc.Daniel Dunbar2009-03-241-1/+1
| | | | | | Tests and drivers updated, still need to shuffle dirs. llvm-svn: 67602
* Fix <rdar://problem/6704086> by allowing the format string checking in Sema toTed Kremenek2009-03-201-0/+14
| | | | | | | | allow non-literal format strings that are variables that (a) permanently bind to a string constant and (b) whose string constants are resolvable within the same translation unit. llvm-svn: 67404
* use the full spelling of a string literal token so that trigraphsChris Lattner2009-02-181-2/+7
| | | | | | | | | | | | | | | | | | | | | and escaped newlines don't throw off the offset computation. On this testcase: printf("abc\ def" "%*d", (unsigned) 1, 1); Before: t.m:5:5: warning: field width should have type 'int', but argument has type 'unsigned int' def" ^ after: t.m:6:12: warning: field width should have type 'int', but argument has type 'unsigned int' "%*d", (unsigned) 1, 1); ^ ~~~~~~~~~~~~ llvm-svn: 64930
OpenPOWER on IntegriCloud