I had locally changed the test to add an explicit triple to figure out the issue
with the SCEI buildbots, and that hid the error. This now works with and
without the explicit triple.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@342581 91177308-0d34-0410-b5e6-96231b3b80d8
When the type of `wint_t` is `int`, the promotion will allow this to pass.
Check this explicitly rather than using the size.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@342569 91177308-0d34-0410-b5e6-96231b3b80d8
In the case that `win_t` is an `unsigned short` (e.g. on Windows), we would
previously incorrectly diagnose the conversion because we would immediately
promote the argument type from `wint_t` (aka `unsigned short`) to `int` before
checking if the type matched. This should repair the Windows hosted bots.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@342565 91177308-0d34-0410-b5e6-96231b3b80d8
Summary:
The warning for a format string not being a string literal and therefore
being potentially insecure is overly strict for indices into string
literals. This fix checks if the index into the string literal is
precomputable. If that's the case it will check if the suffix of that
string literal is a valid format string string literal. It will still
issue the aforementioned warning for out of range indices into the
string literal.
Patch by Meike Baumgärtner (meikeb)
Reviewers: rsmith
Subscribers: srhines, cfe-commits
Differential Revision: https://reviews.llvm.org/D24584
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@281686 91177308-0d34-0410-b5e6-96231b3b80d8
Summary:
The warning for a format string not being a sting literal and therefore
being potentially insecure is overly strict for indecies into sting
literals. This fix checks if the index into the string literal is
precomputable. If thats the case it will check if the suffix of that
sting literal is a valid format string string literal. It will still
issue the aforementioned warning for out of range indecies into the
string literal.
Reviewers: rsmith
Subscribers: srhines, cfe-commits
Differential Revision: https://reviews.llvm.org/D23820
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@281527 91177308-0d34-0410-b5e6-96231b3b80d8
r263299 added a fixit for the -Wformat-security warning, but that runs
into complications with our guideline that error recovery should be done
as-if the fixit had been applied. Putting the fixit on a note avoids that.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@263584 91177308-0d34-0410-b5e6-96231b3b80d8
Summary:
The printf/scanf format checker is a little over-zealous in handling the conditional operator. This patch reduces work by not checking code-paths that are never used and reduces false positives regarding uncovered arguments, for example in the code fragment:
printf(minimal ? "%i\n" : "%i: %s\n", code, msg);
Reviewers: rtrieu
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D15636
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@262025 91177308-0d34-0410-b5e6-96231b3b80d8
glibc expects that stddef.h only defines a single thing if either of these
defines is set. For example, before this change, a C file containing
#include <stdlib.h>
int ptrdiff_t = 0;
would compile with gcc but not with clang. Now it compiles with clang too.
This also fixes PR12997, where older versions of the Linux headers would define
NULL incorrectly, and glibc would define __need_NULL and expect stddef.h to
redefine NULL with the correct definition.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@207606 91177308-0d34-0410-b5e6-96231b3b80d8
This patch tries to avoid unrelated changes other than fixing a few
hyphen-related ambiguities in nearby lines.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@196466 91177308-0d34-0410-b5e6-96231b3b80d8
As a corollary to the previous commit, even when an extension is
available, we can still offer a fixit to the standard modifier.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163453 91177308-0d34-0410-b5e6-96231b3b80d8
This seems to be a GNU libc extension; we offer a fixit to %lld on
these platforms.
<rdar://problem/11518237>
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163452 91177308-0d34-0410-b5e6-96231b3b80d8
Warn about using pointers to const-qualified types as arguments to
scanf. Ignore the volatile qualifier when checking if types match.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161052 91177308-0d34-0410-b5e6-96231b3b80d8
While '%n' can be used for evil in an attacker-controlled format string, there
isn't any acute danger in using it in a literal format string with an argument
of the appropriate type.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160984 91177308-0d34-0410-b5e6-96231b3b80d8
This makes Clang check that the corresponding argument for "%n" in a
format string is a pointer to int.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160966 91177308-0d34-0410-b5e6-96231b3b80d8
about argument type mismatch.
This gives a nicer diagnostic in cases like
printf(fmt,
i);
where previously the snippet just pointed at 'fmt' (with a note at the
definition of fmt).
It's a wash for cases like
printf("%f",
i);
where previously we snippeted the offending portion of the format string,
but didn't indicate which argument was at fault.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156968 91177308-0d34-0410-b5e6-96231b3b80d8
For "%hhx", printf expects an unsigned char. This makes Clang
accept a 'char' argument for that also when using -funsigned-char.
This fixes PR12761.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156388 91177308-0d34-0410-b5e6-96231b3b80d8
Teach ASTContext about WIntType, and have it taken from TargetInfo like WCharType. Should fix test/Sema/format-strings.c for ARM, with the exception of one subtest which will fail if wint_t and wchar_t are the same size and wint_t is signed, wchar_t is unsigned.
There'll be a followup commit to fix that.
Reviewed by Chandler and Hans at http://llvm.org/reviews/r/8
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156165 91177308-0d34-0410-b5e6-96231b3b80d8
This adds the -Wformat-non-standard flag (off by default,
enabled by -pedantic), which warns about non-standard
things in format strings (such as the 'q' length modifier,
the 'S' conversion specifier, etc.)
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151154 91177308-0d34-0410-b5e6-96231b3b80d8
This is in preparation for being able to warn about 'q' and other
non-standard format string features.
It also allows us to print its name correctly.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150697 91177308-0d34-0410-b5e6-96231b3b80d8
This makes the printf diagnostics issue warnigns for %a, %A, %e, etc.
when used with the wrong argument.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150370 91177308-0d34-0410-b5e6-96231b3b80d8
- Remove the printf0 special handling as we treat it as printf anyway.
- Perform basic checks (non-literal, empty) for all formats and not only printf/scanf.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149236 91177308-0d34-0410-b5e6-96231b3b80d8
string is part of the function call, then there is no difference. If the
format string is not, the warning will point to the call site and a note
will point to where the format string is.
Fix-it hints for strings are moved to the note if a note is emitted. This will
prevent changes to format strings that may be used in multiple places.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143168 91177308-0d34-0410-b5e6-96231b3b80d8
either imlicitly (for builtins) or explicitly (due to multiple
specification of the same attributes). Fixes <rdar://problem/9612060>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133045 91177308-0d34-0410-b5e6-96231b3b80d8
Saleem Abdulrasool