It appears that technically a null format string is not warned under -Wformat-nonliteral, as
the function processing the format string can decided whether or not to accept a null format string (e.g., asl_log). Fixes <rdar://problem/8269537>. llvm-svn: 113469
This commit is contained in:
parent
808829351e
commit
1520dae606
|
@ -955,6 +955,13 @@ bool Sema::SemaCheckStringLiteral(const Expr *E, const CallExpr *TheCall,
|
|||
format_idx, firstDataArg, isPrintf);
|
||||
}
|
||||
|
||||
case Stmt::IntegerLiteralClass:
|
||||
// Technically -Wformat-nonliteral does not warn about this case.
|
||||
// The behavior of printf and friends in this case is implementation
|
||||
// dependent. Ideally if the format string cannot be null then
|
||||
// it should have a 'nonnull' attribute in the function prototype.
|
||||
return true;
|
||||
|
||||
case Stmt::ImplicitCastExprClass: {
|
||||
E = cast<ImplicitCastExpr>(E)->getSubExpr();
|
||||
goto tryAgain;
|
||||
|
|
|
@ -301,3 +301,10 @@ void pr7981(wint_t c, wchar_t c2) {
|
|||
printf("%lc", c2); // no-warning
|
||||
}
|
||||
|
||||
// <rdar://problem/8269537> -Wformat-security says NULL is not a string literal
|
||||
void r8269537() {
|
||||
// This is likely to crash in most cases, but -Wformat-nonliteral technically
|
||||
// doesn't warn in this case.
|
||||
printf(0); // no-warning
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue