aboutsummaryrefslogtreecommitdiff
path: root/test/Sema/format-strings.c
AgeCommit message (Collapse)Author
2007-10-12Added notion of '*' specified format width/specifiers when checkingTed Kremenek
printf format strings. Added type checking to see if the matching width/precision argument was of type 'int'. Thanks to Anders Carlsson for reporting this missing feature. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@42933 91177308-0d34-0410-b5e6-96231b3b80d8
2007-10-12Add some more diagnostics for va_start, fix tests so they pass with these ↵Anders Carlsson
new diags. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@42917 91177308-0d34-0410-b5e6-96231b3b80d8
2007-10-11rename -parse-ast-print to -ast-printChris Lattner
rename -parse-ast-dump to -ast-dump remove -parse-ast, which is redundant with -fsyntax-only git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@42852 91177308-0d34-0410-b5e6-96231b3b80d8
2007-09-26Removed option "-parse-ast-check" from clang driver. This is now implementedTed Kremenek
using "-parse-ast -verify". Updated all test cases (using a sed script) that invoked -parse-ast-check to now use -parse-ast -verify. Fixed a bug where using "-verify" instead of "-parse-ast-check" would not correctly create the DiagClient needed to accumulate diagnostics. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@42365 91177308-0d34-0410-b5e6-96231b3b80d8
2007-08-14Added support for additional format string checking for the printfTed Kremenek
family of functions. Previous functionality only included checking to see if the format string was a string literal. Now we check parse the format string (if it is a literal) and perform the following checks: (1) Warn if: number conversions (e.g. "%d") != number data arguments. (2) Warn about missing format strings (e.g., "printf()"). (3) Warn if the format string is not a string literal. (4) Warn about the use se of '%n' conversion. This conversion is discouraged for security reasons. (5) Warn about malformed conversions. For example '%;', '%v'; these are not valid. (6) Warn about empty format strings; e.g. printf(""). Although these can be optimized away by the compiler, they can be indicative of broken programmer logic. We may need to add additional support to see when such cases occur within macro expansion to avoid false positives. (7) Warn if the string literal is wide; e.g. L"%d". (8) Warn if we detect a '\0' character WITHIN the format string. Test cases are included. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@41076 91177308-0d34-0410-b5e6-96231b3b80d8
2007-08-10initial support for checking format strings, patch by Ted Kremenek:Chris Lattner
"I've coded up some support in clang to flag warnings for non-constant format strings used in calls to printf-like functions (all the functions listed in "man fprintf"). Non-constant format strings are a source of many security exploits in C/C++ programs, and I believe are currently detected by gcc using the flag -Wformat-nonliteral." git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@41003 91177308-0d34-0410-b5e6-96231b3b80d8
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-09-17 04:32:07 +0000