From b87b1b36eea885786dface81cf487eaffec58796 Mon Sep 17 00:00:00 2001 From: Chris Lattner Date: Fri, 10 Aug 2007 20:18:51 +0000 Subject: initial support for checking format strings, patch by Ted Kremenek: "I've coded up some support in clang to flag warnings for non-constant format strings used in calls to printf-like functions (all the functions listed in "man fprintf"). Non-constant format strings are a source of many security exploits in C/C++ programs, and I believe are currently detected by gcc using the flag -Wformat-nonliteral." llvm-svn: 41003 --- clang/Sema/SemaExpr.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'clang/Sema/SemaExpr.cpp') diff --git a/clang/Sema/SemaExpr.cpp b/clang/Sema/SemaExpr.cpp index 8a3576aaf3a..6b871b4812b 100644 --- a/clang/Sema/SemaExpr.cpp +++ b/clang/Sema/SemaExpr.cpp @@ -22,6 +22,7 @@ #include "clang/Basic/LangOptions.h" #include "clang/Basic/TargetInfo.h" #include "llvm/ADT/SmallString.h" +#include "llvm/ADT/StringExtras.h" using namespace clang; /// ParseStringLiteral - The specified tokens were lexed as pasted string @@ -555,6 +556,13 @@ ParseCallExpr(ExprTy *fn, SourceLocation LParenLoc, if (NumArgsInCall != NumArgsInProto && !proto->isVariadic()) return true; } + + // Do special checking on direct calls to functions. + if (ImplicitCastExpr *IcExpr = dyn_cast(Fn)) + if (DeclRefExpr *DRExpr = dyn_cast(IcExpr->getSubExpr())) + if (FunctionDecl *FDecl = dyn_cast(DRExpr->getDecl())) + CheckFunctionCall(Fn, FDecl, Args, NumArgsInCall); + return new CallExpr(Fn, Args, NumArgsInCall, resultType, RParenLoc); } -- cgit v1.2.3