From 4dcb18ff9d92c66c78077ac5cae4b83af37292e4 Mon Sep 17 00:00:00 2001 From: Ted Kremenek Date: Fri, 29 Jan 2010 20:29:53 +0000 Subject: [PATCH] Enhancements to the alternate (WIP) format string checking: - Add ConversionSpecifier::consumesDataArgument() as a helper method to determine if a conversion specifier requires a matching argument. - Add support for glibc-specific '%m' conversion - Add an extra callback to HandleNull() for locations within the format specifier that have a null character git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@94834 91177308-0d34-0410-b5e6-96231b3b80d8 --- include/clang/Analysis/Analyses/PrintfFormatString.h | 12 ++++++++++++ lib/Analysis/PrintfFormatString.cpp | 12 ++++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/include/clang/Analysis/Analyses/PrintfFormatString.h b/include/clang/Analysis/Analyses/PrintfFormatString.h index a70bd9b32d..c0863f25a8 100644 --- a/include/clang/Analysis/Analyses/PrintfFormatString.h +++ b/include/clang/Analysis/Analyses/PrintfFormatString.h @@ -46,6 +46,8 @@ public: PercentArg, // '%' // Objective-C specific specifiers. ObjCObjArg, // '@' + // GlibC specific specifiers. + PrintErrno, // 'm' // Specifier ranges. IntArgBeg = dArg, IntArgEnd = iArg, @@ -68,6 +70,16 @@ public: const char *getStart() const { return Position; } + + bool consumesDataArgument() const { + switch (kind) { + case PercentArg: + case PrintErrno: + return false; + default: + return true; + } + } bool isObjCArg() const { return kind >= ObjCBeg && kind <= ObjCEnd; } bool isIntArg() const { return kind >= dArg && kind <= iArg; } diff --git a/lib/Analysis/PrintfFormatString.cpp b/lib/Analysis/PrintfFormatString.cpp index bf1e894115..bb9ac8480a 100644 --- a/lib/Analysis/PrintfFormatString.cpp +++ b/lib/Analysis/PrintfFormatString.cpp @@ -191,6 +191,12 @@ static FormatSpecifierResult ParseFormatSpecifier(FormatStringHandler &H, H.HandleIncompleteFormatSpecifier(Start, E - Start); return true; } + + if (*I == '\0') { + // Detect spurious null characters, which are likely errors. + H.HandleNullChar(I); + return true; + } // Finally, look for the conversion specifier. const char *conversionPosition = I++; @@ -219,7 +225,9 @@ static FormatSpecifierResult ParseFormatSpecifier(FormatStringHandler &H, case 'n': k = ConversionSpecifier::OutIntPtrArg; break; case '%': k = ConversionSpecifier::PercentArg; break; // Objective-C. - case '@': k = ConversionSpecifier::ObjCObjArg; break; + case '@': k = ConversionSpecifier::ObjCObjArg; break; + // Glibc specific. + case 'm': k = ConversionSpecifier::PrintErrno; break; } FS.setConversionSpecifier(ConversionSpecifier(conversionPosition, k)); @@ -246,7 +254,7 @@ bool clang::ParseFormatString(FormatStringHandler &H, // We have a format specifier. Pass it to the callback. if (!H.HandleFormatSpecifier(FSR.getValue(), FSR.getStart(), I - FSR.getStart())) - return false; + return true; } assert(I == E && "Format string not exhausted"); return false;