diff options
| author | Hans Wennborg <hans@hanshq.net> | 2012-07-31 16:37:47 +0000 |
|---|---|---|
| committer | Hans Wennborg <hans@hanshq.net> | 2012-07-31 16:37:47 +0000 |
| commit | 5deddafd3ef51e94b4ac4d80e38271d3768b1af6 (patch) | |
| tree | 7f4e06763ba091274905164494f32c5484b32363 | |
| parent | 6b4be2ef4ce49717ff972434975ce3c34c9a1c4c (diff) | |
-Wformat: better handling of qualifiers on pointer arguments
Warn about using pointers to const-qualified types as arguments to
scanf. Ignore the volatile qualifier when checking if types match.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161052 91177308-0d34-0410-b5e6-96231b3b80d8
| -rw-r--r-- | lib/Analysis/FormatString.cpp | 7 | ||||
| -rw-r--r-- | lib/Analysis/ScanfFormatString.cpp | 12 | ||||
| -rw-r--r-- | test/Sema/format-strings-scanf.c | 18 | ||||
| -rw-r--r-- | test/Sema/format-strings.c | 16 |
4 files changed, 50 insertions, 3 deletions
diff --git a/lib/Analysis/FormatString.cpp b/lib/Analysis/FormatString.cpp index a68b9bb324..f03a84fb52 100644 --- a/lib/Analysis/FormatString.cpp +++ b/lib/Analysis/FormatString.cpp @@ -262,6 +262,13 @@ bool ArgTypeResult::matchesType(ASTContext &C, QualType argTy) const { argTy = ETy->getDecl()->getIntegerType(); argTy = C.getCanonicalType(argTy).getUnqualifiedType(); + if (const PointerType *PTy = argTy->getAs<PointerType>()) { + // Strip volatile qualifier from pointee type. + QualType Pointee = PTy->getPointeeType(); + Pointee.removeLocalVolatile(); + argTy = C.getPointerType(Pointee); + } + if (T == argTy) return true; // Check for "compatible types". diff --git a/lib/Analysis/ScanfFormatString.cpp b/lib/Analysis/ScanfFormatString.cpp index 3c848f1f09..1bbd5f2d29 100644 --- a/lib/Analysis/ScanfFormatString.cpp +++ b/lib/Analysis/ScanfFormatString.cpp @@ -453,6 +453,15 @@ bool clang::analyze_format_string::ParseScanfString(FormatStringHandler &H, } bool ScanfArgTypeResult::matchesType(ASTContext& C, QualType argTy) const { + // It has to be a pointer type. + const PointerType *PT = argTy->getAs<PointerType>(); + if (!PT) + return false; + + // We cannot write through a const qualified pointer. + if (PT->getPointeeType().isConstQualified()) + return false; + switch (K) { case InvalidTy: llvm_unreachable("ArgTypeResult must be valid"); @@ -463,9 +472,6 @@ bool ScanfArgTypeResult::matchesType(ASTContext& C, QualType argTy) const { case WCStrTy: return ArgTypeResult(ArgTypeResult::WCStrTy).matchesType(C, argTy); case PtrToArgTypeResultTy: { - const PointerType *PT = argTy->getAs<PointerType>(); - if (!PT) - return false; return A.matchesType(C, PT->getPointeeType()); } } diff --git a/test/Sema/format-strings-scanf.c b/test/Sema/format-strings-scanf.c index 2ce94840a6..6f6cb10eb3 100644 --- a/test/Sema/format-strings-scanf.c +++ b/test/Sema/format-strings-scanf.c @@ -126,3 +126,21 @@ void test_writeback(int *x) { scanf("%n", (void*)0); // expected-warning{{format specifies type 'int *' but the argument has type 'void *'}} scanf("%n %c", x, x); // expected-warning{{format specifies type 'char *' but the argument has type 'int *'}} } + +void test_qualifiers(const int *cip, volatile int* vip, + const char *ccp, volatile char* vcp, + const volatile int *cvip) { + scanf("%d", cip); // expected-warning{{format specifies type 'int *' but the argument has type 'const int *'}} + scanf("%n", cip); // expected-warning{{format specifies type 'int *' but the argument has type 'const int *'}} + scanf("%s", ccp); // expected-warning{{format specifies type 'char *' but the argument has type 'const char *'}} + scanf("%d", cvip); // expected-warning{{format specifies type 'int *' but the argument has type 'const volatile int *'}} + + scanf("%d", vip); // No warning. + scanf("%n", vip); // No warning. + scanf("%c", vcp); // No warning. + + typedef int* ip_t; + typedef const int* cip_t; + scanf("%d", (ip_t)0); // No warning. + scanf("%d", (cip_t)0); // expected-warning{{format specifies type 'int *' but the argument has type 'cip_t' (aka 'const int *')}} +} diff --git a/test/Sema/format-strings.c b/test/Sema/format-strings.c index d35125833c..aff996fed3 100644 --- a/test/Sema/format-strings.c +++ b/test/Sema/format-strings.c @@ -555,3 +555,19 @@ void test14_zed(int *p) { test14_foo("%", "%d", p); // expected-warning{{incomplete format specifier}} test14_bar("%", "%d", p); // expected-warning{{incomplete format specifier}} } + +void test_qualifiers(volatile int *vip, const int *cip, + const volatile int *cvip) { + printf("%n", cip); // expected-warning{{format specifies type 'int *' but the argument has type 'const int *'}} + printf("%n", cvip); // expected-warning{{format specifies type 'int *' but the argument has type 'const volatile int *'}} + + printf("%n", vip); // No warning. + printf("%p", cip); // No warning. + printf("%p", cvip); // No warning. + + + typedef int* ip_t; + typedef const int* cip_t; + printf("%n", (ip_t)0); // No warning. + printf("%n", (cip_t)0); // expected-warning{{format specifies type 'int *' but the argument has type 'cip_t' (aka 'const int *')}} +} |