2 * This file is part of cparser.
3 * Copyright (C) 2007-2009 Matthias Braun <matze@braunis.de>
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version 2
8 * of the License, or (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
24 #include "format_check.h"
28 #include "diagnostic.h"
32 #include "lang_features.h"
34 typedef enum format_flag_t {
36 FMT_FLAG_HASH = 1U << 0,
37 FMT_FLAG_ZERO = 1U << 1,
38 FMT_FLAG_MINUS = 1U << 2,
39 FMT_FLAG_SPACE = 1U << 3,
40 FMT_FLAG_PLUS = 1U << 4,
41 FMT_FLAG_TICK = 1U << 5
44 typedef unsigned format_flags_t;
46 typedef enum format_length_modifier_t {
57 /* only in microsoft mode */
62 } format_length_modifier_t;
64 typedef struct format_spec_t {
65 const char *name; /**< name of the function */
66 format_kind_t fmt_kind; /**< kind */
67 unsigned fmt_idx; /**< index of the format string */
68 unsigned arg_idx; /**< index of the first argument */
71 static const char* get_length_modifier_name(const format_length_modifier_t mod)
73 static const char* const names[] = {
84 /* only in microsoft mode */
87 [FMT_MOD_I32] = "I32",
90 assert(mod < lengthof(names));
94 static void warn_invalid_length_modifier(const source_position_t *pos,
95 const format_length_modifier_t mod,
96 const wchar_rep_t conversion)
99 "invalid length modifier '%s' for conversion specifier '%%%c'",
100 get_length_modifier_name(mod), conversion
104 typedef struct vchar_t vchar_t;
106 const void *string; /**< the string */
107 size_t position; /**< current position */
108 size_t size; /**< size of the string */
110 /** return the first character of the string and setthe position to 0. */
111 unsigned (*first)(vchar_t *self);
112 /** return the next character of the string */
113 unsigned (*next)(vchar_t *self);
114 /** return non_zero if the given character is a digit */
115 int (*is_digit)(unsigned vchar);
118 static unsigned string_first(vchar_t *self)
121 const string_t *string = self->string;
122 return string->begin[0];
125 static unsigned string_next(vchar_t *self)
128 const string_t *string = self->string;
129 return string->begin[self->position];
132 static int string_isdigit(unsigned vchar)
134 return isdigit(vchar);
137 static unsigned wstring_first(vchar_t *self)
140 const wide_string_t *wstring = self->string;
141 return wstring->begin[0];
144 static unsigned wstring_next(vchar_t *self)
147 const wide_string_t *wstring = self->string;
148 return wstring->begin[self->position];
151 static int wstring_isdigit(unsigned vchar)
153 return iswdigit(vchar);
156 static bool atend(vchar_t *self)
158 return self->position + 1 == self->size;
162 * Check printf-style format.
164 static int internal_check_printf_format(const expression_t *fmt_expr,
165 const call_argument_t *arg, const format_spec_t *spec)
167 if (fmt_expr->kind == EXPR_UNARY_CAST_IMPLICIT) {
168 fmt_expr = fmt_expr->unary.value;
172 switch (fmt_expr->kind) {
173 case EXPR_STRING_LITERAL:
174 vchar.string = &fmt_expr->string.value;
175 vchar.size = fmt_expr->string.value.size;
176 vchar.first = string_first;
177 vchar.next = string_next;
178 vchar.is_digit = string_isdigit;
181 case EXPR_WIDE_STRING_LITERAL:
182 vchar.string = &fmt_expr->wide_string.value;
183 vchar.size = fmt_expr->wide_string.value.size;
184 vchar.first = wstring_first;
185 vchar.next = wstring_next;
186 vchar.is_digit = wstring_isdigit;
189 case EXPR_CONDITIONAL: {
190 conditional_expression_t const *const c = &fmt_expr->conditional;
191 expression_t const * t = c->true_expression;
194 int const nt = internal_check_printf_format(t, arg, spec);
195 int const nf = internal_check_printf_format(c->false_expression, arg, spec);
196 return nt > nf ? nt : nf;
203 const source_position_t *pos = &fmt_expr->base.source_position;
204 unsigned fmt = vchar.first(&vchar);
205 unsigned num_fmt = 0;
206 for (; fmt != '\0'; fmt = vchar.next(&vchar)) {
209 fmt = vchar.next(&vchar);
216 format_flags_t fmt_flags = FMT_FLAG_NONE;
218 fmt = vchar.next(&vchar);
219 fmt_flags |= FMT_FLAG_ZERO;
222 /* argument selector or minimum field width */
223 if (vchar.is_digit(fmt)) {
225 fmt = vchar.next(&vchar);
226 } while (vchar.is_digit(fmt));
228 /* digit string was ... */
230 /* ... argument selector */
231 fmt_flags = FMT_FLAG_NONE; /* reset possibly set 0-flag */
235 /* ... minimum field width */
241 case '#': flag = FMT_FLAG_HASH; break;
242 case '0': flag = FMT_FLAG_ZERO; break;
243 case '-': flag = FMT_FLAG_MINUS; break;
244 case '\'': flag = FMT_FLAG_TICK; break;
247 if (fmt_flags & FMT_FLAG_PLUS) {
248 warningf(pos, "' ' is overridden by prior '+' in conversion specification %u", num_fmt);
250 flag = FMT_FLAG_SPACE;
254 if (fmt_flags & FMT_FLAG_SPACE) {
255 warningf(pos, "'+' overrides prior ' ' in conversion specification %u", num_fmt);
257 flag = FMT_FLAG_PLUS;
260 default: goto break_fmt_flags;
262 if (fmt_flags & flag) {
263 warningf(pos, "repeated flag '%c' in conversion specification %u", (char)fmt, num_fmt);
266 fmt = vchar.next(&vchar);
270 /* minimum field width */
272 fmt = vchar.next(&vchar);
274 warningf(pos, "missing argument for '*' field width in conversion specification %u", num_fmt);
277 const type_t *const arg_type = arg->expression->base.type;
278 if (arg_type != type_int) {
279 warningf(pos, "argument for '*' field width in conversion specification %u is not an 'int', but an '%T'", num_fmt, arg_type);
283 while (vchar.is_digit(fmt)) {
284 fmt = vchar.next(&vchar);
291 fmt = vchar.next(&vchar);
293 fmt = vchar.next(&vchar);
295 warningf(pos, "missing argument for '*' precision in conversion specification %u", num_fmt);
298 const type_t *const arg_type = arg->expression->base.type;
299 if (arg_type != type_int) {
300 warningf(pos, "argument for '*' precision in conversion specification %u is not an 'int', but an '%T'", num_fmt, arg_type);
304 /* digit string may be omitted */
305 while (vchar.is_digit(fmt)) {
306 fmt = vchar.next(&vchar);
311 /* length modifier */
312 format_length_modifier_t fmt_mod;
315 fmt = vchar.next(&vchar);
317 fmt = vchar.next(&vchar);
318 fmt_mod = FMT_MOD_hh;
325 fmt = vchar.next(&vchar);
327 fmt = vchar.next(&vchar);
328 fmt_mod = FMT_MOD_ll;
334 case 'L': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_L; break;
335 case 'j': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_j; break;
336 case 't': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_t; break;
337 case 'z': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_z; break;
338 case 'q': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_q; break;
342 fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_w;
344 fmt_mod = FMT_MOD_NONE;
349 fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_I;
351 fmt = vchar.next(&vchar);
353 fmt = vchar.next(&vchar);
354 fmt_mod = FMT_MOD_I32;
359 } else if (fmt == '6') {
360 fmt = vchar.next(&vchar);
362 fmt = vchar.next(&vchar);
363 fmt_mod = FMT_MOD_I64;
370 fmt_mod = FMT_MOD_NONE;
374 fmt_mod = FMT_MOD_NONE;
379 warningf(pos, "dangling %% in format string");
383 type_t *expected_type;
384 type_qualifiers_t expected_qual = TYPE_QUALIFIER_NONE;
385 format_flags_t allowed_flags;
390 case FMT_MOD_NONE: expected_type = type_int; break;
391 case FMT_MOD_hh: expected_type = type_int; break; /* TODO promoted signed char */
392 case FMT_MOD_h: expected_type = type_int; break; /* TODO promoted short */
393 case FMT_MOD_l: expected_type = type_long; break;
394 case FMT_MOD_ll: expected_type = type_long_long; break;
395 case FMT_MOD_j: expected_type = type_intmax_t; break;
396 case FMT_MOD_z: expected_type = type_ssize_t; break;
397 case FMT_MOD_t: expected_type = type_ptrdiff_t; break;
398 case FMT_MOD_I: expected_type = type_ptrdiff_t; break;
399 case FMT_MOD_I32: expected_type = type_int32; break;
400 case FMT_MOD_I64: expected_type = type_int64; break;
403 warn_invalid_length_modifier(pos, fmt_mod, fmt);
406 allowed_flags = FMT_FLAG_MINUS | FMT_FLAG_SPACE | FMT_FLAG_PLUS | FMT_FLAG_ZERO;
412 allowed_flags = FMT_FLAG_MINUS | FMT_FLAG_HASH | FMT_FLAG_ZERO;
413 goto eval_fmt_mod_unsigned;
416 allowed_flags = FMT_FLAG_MINUS | FMT_FLAG_ZERO;
417 eval_fmt_mod_unsigned:
419 case FMT_MOD_NONE: expected_type = type_unsigned_int; break;
420 case FMT_MOD_hh: expected_type = type_int; break; /* TODO promoted unsigned char */
421 case FMT_MOD_h: expected_type = type_int; break; /* TODO promoted unsigned short */
422 case FMT_MOD_l: expected_type = type_unsigned_long; break;
423 case FMT_MOD_ll: expected_type = type_unsigned_long_long; break;
424 case FMT_MOD_j: expected_type = type_uintmax_t; break;
425 case FMT_MOD_z: expected_type = type_size_t; break;
426 case FMT_MOD_t: expected_type = type_uptrdiff_t; break;
427 case FMT_MOD_I: expected_type = type_size_t; break;
428 case FMT_MOD_I32: expected_type = type_unsigned_int32; break;
429 case FMT_MOD_I64: expected_type = type_unsigned_int64; break;
432 warn_invalid_length_modifier(pos, fmt_mod, fmt);
446 case FMT_MOD_l: /* l modifier is ignored */
447 case FMT_MOD_NONE: expected_type = type_double; break;
448 case FMT_MOD_L: expected_type = type_long_double; break;
451 warn_invalid_length_modifier(pos, fmt_mod, fmt);
454 allowed_flags = FMT_FLAG_MINUS | FMT_FLAG_SPACE | FMT_FLAG_PLUS | FMT_FLAG_HASH | FMT_FLAG_ZERO;
458 if (fmt_mod != FMT_MOD_NONE) {
459 warn_invalid_length_modifier(pos, fmt_mod, fmt);
462 expected_type = type_wchar_t;
463 allowed_flags = FMT_FLAG_NONE;
467 expected_type = type_int;
469 case FMT_MOD_NONE: expected_type = type_int; break; /* TODO promoted char */
470 case FMT_MOD_l: expected_type = type_wint_t; break;
471 case FMT_MOD_w: expected_type = type_wchar_t; break;
474 warn_invalid_length_modifier(pos, fmt_mod, fmt);
477 allowed_flags = FMT_FLAG_NONE;
481 if (fmt_mod != FMT_MOD_NONE) {
482 warn_invalid_length_modifier(pos, fmt_mod, fmt);
485 expected_type = type_wchar_t_ptr;
486 expected_qual = TYPE_QUALIFIER_CONST;
487 allowed_flags = FMT_FLAG_MINUS;
492 case FMT_MOD_NONE: expected_type = type_char_ptr; break;
493 case FMT_MOD_l: expected_type = type_wchar_t_ptr; break;
494 case FMT_MOD_w: expected_type = type_wchar_t_ptr; break;
497 warn_invalid_length_modifier(pos, fmt_mod, fmt);
500 expected_qual = TYPE_QUALIFIER_CONST;
501 allowed_flags = FMT_FLAG_MINUS;
505 if (fmt_mod != FMT_MOD_NONE) {
506 warn_invalid_length_modifier(pos, fmt_mod, fmt);
509 expected_type = type_void_ptr;
510 allowed_flags = FMT_FLAG_NONE;
515 case FMT_MOD_NONE: expected_type = type_int_ptr; break;
516 case FMT_MOD_hh: expected_type = type_signed_char_ptr; break;
517 case FMT_MOD_h: expected_type = type_short_ptr; break;
518 case FMT_MOD_l: expected_type = type_long_ptr; break;
519 case FMT_MOD_ll: expected_type = type_long_long_ptr; break;
520 case FMT_MOD_j: expected_type = type_intmax_t_ptr; break;
521 case FMT_MOD_z: expected_type = type_ssize_t_ptr; break;
522 case FMT_MOD_t: expected_type = type_ptrdiff_t_ptr; break;
525 warn_invalid_length_modifier(pos, fmt_mod, fmt);
528 allowed_flags = FMT_FLAG_NONE;
532 warningf(pos, "encountered unknown conversion specifier '%%%C' at position %u", (wint_t)fmt, num_fmt);
534 warningf(pos, "too few arguments for format string");
540 format_flags_t wrong_flags = fmt_flags & ~allowed_flags;
541 if (wrong_flags != 0) {
544 if (wrong_flags & FMT_FLAG_HASH) *p++ = '#';
545 if (wrong_flags & FMT_FLAG_ZERO) *p++ = '0';
546 if (wrong_flags & FMT_FLAG_MINUS) *p++ = '-';
547 if (wrong_flags & FMT_FLAG_SPACE) *p++ = ' ';
548 if (wrong_flags & FMT_FLAG_PLUS) *p++ = '+';
549 if (wrong_flags & FMT_FLAG_TICK) *p++ = '\'';
552 warningf(pos, "invalid format flags \"%s\" in conversion specification %%%c at position %u", wrong, fmt, num_fmt);
556 warningf(pos, "too few arguments for format string");
560 { /* create a scope here to prevent warning about the jump to next_arg */
561 type_t *const arg_type = arg->expression->base.type;
562 type_t *const arg_skip = skip_typeref(arg_type);
563 type_t *const expected_type_skip = skip_typeref(expected_type);
566 /* allow any pointer type for %p, not just void */
567 if (is_type_pointer(arg_skip))
571 if (is_type_pointer(expected_type_skip)) {
572 if (is_type_pointer(arg_skip)) {
573 type_t *const exp_to = skip_typeref(expected_type_skip->pointer.points_to);
574 type_t *const arg_to = skip_typeref(arg_skip->pointer.points_to);
575 if ((arg_to->base.qualifiers & ~expected_qual) == 0 &&
576 get_unqualified_type(arg_to) == exp_to) {
581 if (get_unqualified_type(arg_skip) == expected_type_skip) {
585 if (is_type_valid(arg_skip)) {
587 "argument type '%T' does not match conversion specifier '%%%s%c' at position %u",
588 arg_type, get_length_modifier_name(fmt_mod), (char)fmt, num_fmt);
594 if (!atend(&vchar)) {
595 warningf(pos, "format string contains '\\0'");
601 * Check printf-style format.
603 static void check_printf_format(call_argument_t const *arg, format_spec_t const *const spec)
605 /* find format arg */
607 for (; idx < spec->fmt_idx; ++idx) {
613 expression_t const *const fmt_expr = arg->expression;
615 /* find the real args */
616 for (; idx < spec->arg_idx && arg != NULL; ++idx)
619 int const num_fmt = internal_check_printf_format(fmt_expr, arg, spec);
624 for (; arg != NULL; arg = arg->next)
626 if (num_args > (size_t)num_fmt) {
627 warningf(&fmt_expr->base.source_position,
628 "%u argument%s but only %u format specifier%s",
629 num_args, num_args != 1 ? "s" : "",
630 num_fmt, num_fmt != 1 ? "s" : "");
635 * Check scanf-style format.
637 static void check_scanf_format(const call_argument_t *arg, const format_spec_t *spec)
639 /* find format arg */
641 for (; idx < spec->fmt_idx; ++idx) {
647 const expression_t *fmt_expr = arg->expression;
648 if (fmt_expr->kind == EXPR_UNARY_CAST_IMPLICIT) {
649 fmt_expr = fmt_expr->unary.value;
653 if (fmt_expr->kind == EXPR_WIDE_STRING_LITERAL) {
654 vchar.string = &fmt_expr->wide_string.value;
655 vchar.size = fmt_expr->wide_string.value.size;
656 vchar.first = wstring_first;
657 vchar.next = wstring_next;
658 vchar.is_digit = wstring_isdigit;
659 } else if (fmt_expr->kind == EXPR_STRING_LITERAL) {
660 vchar.string = &fmt_expr->string.value;
661 vchar.size = fmt_expr->string.value.size;
662 vchar.first = string_first;
663 vchar.next = string_next;
664 vchar.is_digit = string_isdigit;
668 /* find the real args */
669 for (; idx < spec->arg_idx && arg != NULL; ++idx)
672 const source_position_t *pos = &fmt_expr->base.source_position;
673 unsigned fmt = vchar.first(&vchar);
674 unsigned num_fmt = 0;
675 for (; fmt != '\0'; fmt = vchar.next(&vchar)) {
678 fmt = vchar.next(&vchar);
685 /* length modifier */
686 format_length_modifier_t fmt_mod;
689 fmt = vchar.next(&vchar);
691 fmt = vchar.next(&vchar);
692 fmt_mod = FMT_MOD_hh;
699 fmt = vchar.next(&vchar);
701 fmt = vchar.next(&vchar);
702 fmt_mod = FMT_MOD_ll;
708 case 'L': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_L; break;
709 case 'j': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_j; break;
710 case 't': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_t; break;
711 case 'z': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_z; break;
715 fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_w;
717 fmt_mod = FMT_MOD_NONE;
722 fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_I;
724 fmt = vchar.next(&vchar);
726 fmt = vchar.next(&vchar);
727 fmt_mod = FMT_MOD_I32;
732 } else if (fmt == '6') {
733 fmt = vchar.next(&vchar);
735 fmt = vchar.next(&vchar);
736 fmt_mod = FMT_MOD_I64;
743 fmt_mod = FMT_MOD_NONE;
747 fmt_mod = FMT_MOD_NONE;
752 warningf(pos, "dangling %% in format string");
756 type_t *expected_type;
761 case FMT_MOD_NONE: expected_type = type_int; break;
762 case FMT_MOD_hh: expected_type = type_signed_char; break;
763 case FMT_MOD_h: expected_type = type_short; break;
764 case FMT_MOD_l: expected_type = type_long; break;
765 case FMT_MOD_ll: expected_type = type_long_long; break;
766 case FMT_MOD_j: expected_type = type_intmax_t; break;
767 case FMT_MOD_z: expected_type = type_ssize_t; break;
768 case FMT_MOD_t: expected_type = type_ptrdiff_t; break;
769 case FMT_MOD_I: expected_type = type_ptrdiff_t; break;
770 case FMT_MOD_I32: expected_type = type_int32; break;
771 case FMT_MOD_I64: expected_type = type_int64; break;
774 warn_invalid_length_modifier(pos, fmt_mod, fmt);
782 goto eval_fmt_mod_unsigned;
785 eval_fmt_mod_unsigned:
787 case FMT_MOD_NONE: expected_type = type_unsigned_int; break;
788 case FMT_MOD_hh: expected_type = type_unsigned_char; break;
789 case FMT_MOD_h: expected_type = type_unsigned_short; break;
790 case FMT_MOD_l: expected_type = type_unsigned_long; break;
791 case FMT_MOD_ll: expected_type = type_unsigned_long_long; break;
792 case FMT_MOD_j: expected_type = type_uintmax_t; break;
793 case FMT_MOD_z: expected_type = type_size_t; break;
794 case FMT_MOD_t: expected_type = type_uptrdiff_t; break;
795 case FMT_MOD_I: expected_type = type_size_t; break;
796 case FMT_MOD_I32: expected_type = type_unsigned_int32; break;
797 case FMT_MOD_I64: expected_type = type_unsigned_int64; break;
800 warn_invalid_length_modifier(pos, fmt_mod, fmt);
814 case FMT_MOD_l: /* l modifier is ignored */
815 case FMT_MOD_NONE: expected_type = type_double; break;
816 case FMT_MOD_L: expected_type = type_long_double; break;
819 warn_invalid_length_modifier(pos, fmt_mod, fmt);
825 if (fmt_mod != FMT_MOD_NONE) {
826 warn_invalid_length_modifier(pos, fmt_mod, fmt);
829 expected_type = type_wchar_t;
833 expected_type = type_int;
835 case FMT_MOD_NONE: expected_type = type_int; break; /* TODO promoted char */
836 case FMT_MOD_l: expected_type = type_wint_t; break;
837 case FMT_MOD_w: expected_type = type_wchar_t; break;
840 warn_invalid_length_modifier(pos, fmt_mod, fmt);
846 if (fmt_mod != FMT_MOD_NONE) {
847 warn_invalid_length_modifier(pos, fmt_mod, fmt);
850 expected_type = type_wchar_t;
856 case FMT_MOD_NONE: expected_type = type_char; break;
857 case FMT_MOD_l: expected_type = type_wchar_t; break;
858 case FMT_MOD_w: expected_type = type_wchar_t; break;
861 warn_invalid_length_modifier(pos, fmt_mod, fmt);
867 if (fmt_mod != FMT_MOD_NONE) {
868 warn_invalid_length_modifier(pos, fmt_mod, fmt);
871 expected_type = type_void_ptr;
876 case FMT_MOD_NONE: expected_type = type_int; break;
877 case FMT_MOD_hh: expected_type = type_signed_char; break;
878 case FMT_MOD_h: expected_type = type_short; break;
879 case FMT_MOD_l: expected_type = type_long; break;
880 case FMT_MOD_ll: expected_type = type_long_long; break;
881 case FMT_MOD_j: expected_type = type_intmax_t; break;
882 case FMT_MOD_z: expected_type = type_ssize_t; break;
883 case FMT_MOD_t: expected_type = type_ptrdiff_t; break;
886 warn_invalid_length_modifier(pos, fmt_mod, fmt);
892 warningf(pos, "encountered unknown conversion specifier '%%%C' at position %u", (wint_t)fmt, num_fmt);
894 warningf(pos, "too few arguments for format string");
901 warningf(pos, "too few arguments for format string");
905 { /* create a scope here to prevent warning about the jump to next_arg */
906 type_t *const arg_type = arg->expression->base.type;
907 type_t *const arg_skip = skip_typeref(arg_type);
908 type_t *const expected_type_skip = skip_typeref(expected_type);
910 if (! is_type_pointer(arg_skip))
912 type_t *const ptr_skip = skip_typeref(arg_skip->pointer.points_to);
915 /* allow any pointer type for %p, not just void */
916 if (is_type_pointer(ptr_skip))
920 /* do NOT allow const or restrict, all other should be ok */
921 if (ptr_skip->base.qualifiers & (TYPE_QUALIFIER_CONST | TYPE_QUALIFIER_VOLATILE))
923 type_t *const unqual_ptr = get_unqualified_type(ptr_skip);
924 if (unqual_ptr == expected_type_skip) {
926 } else if (expected_type_skip == type_char) {
927 /* char matches with unsigned char AND signed char */
928 if (unqual_ptr == type_signed_char || unqual_ptr == type_unsigned_char)
932 if (is_type_valid(arg_skip)) {
934 "argument type '%T' does not match conversion specifier '%%%s%c' at position %u",
935 arg_type, get_length_modifier_name(fmt_mod), (char)fmt, num_fmt);
941 if (!atend(&vchar)) {
942 warningf(pos, "format string contains '\\0'");
945 unsigned num_args = num_fmt;
946 while (arg != NULL) {
950 warningf(pos, "%u argument%s but only %u format specifier%s",
951 num_args, num_args != 1 ? "s" : "",
952 num_fmt, num_fmt != 1 ? "s" : "");
956 static const format_spec_t builtin_table[] = {
957 { "printf", FORMAT_PRINTF, 0, 1 },
958 { "wprintf", FORMAT_PRINTF, 0, 1 },
959 { "sprintf", FORMAT_PRINTF, 1, 2 },
960 { "swprintf", FORMAT_PRINTF, 1, 2 },
961 { "snprintf", FORMAT_PRINTF, 2, 3 },
962 { "snwprintf", FORMAT_PRINTF, 2, 3 },
963 { "fprintf", FORMAT_PRINTF, 1, 2 },
964 { "fwprintf", FORMAT_PRINTF, 1, 2 },
965 { "snwprintf", FORMAT_PRINTF, 2, 3 },
966 { "snwprintf", FORMAT_PRINTF, 2, 3 },
968 { "scanf", FORMAT_SCANF, 0, 1 },
969 { "wscanf", FORMAT_SCANF, 0, 1 },
970 { "sscanf", FORMAT_SCANF, 1, 2 },
971 { "swscanf", FORMAT_SCANF, 1, 2 },
972 { "fscanf", FORMAT_SCANF, 1, 2 },
973 { "fwscanf", FORMAT_SCANF, 1, 2 },
975 { "strftime", FORMAT_STRFTIME, 3, 4 },
976 { "wcstrftime", FORMAT_STRFTIME, 3, 4 },
978 { "strfmon", FORMAT_STRFMON, 3, 4 },
981 { "_snprintf", FORMAT_PRINTF, 2, 3 },
982 { "_snwprintf", FORMAT_PRINTF, 2, 3 },
983 { "_scrintf", FORMAT_PRINTF, 0, 1 },
984 { "_scwprintf", FORMAT_PRINTF, 0, 1 },
985 { "printf_s", FORMAT_PRINTF, 0, 1 },
986 { "wprintf_s", FORMAT_PRINTF, 0, 1 },
987 { "sprintf_s", FORMAT_PRINTF, 3, 4 },
988 { "swprintf_s", FORMAT_PRINTF, 3, 4 },
989 { "fprintf_s", FORMAT_PRINTF, 1, 2 },
990 { "fwprintf_s", FORMAT_PRINTF, 1, 2 },
991 { "_sprintf_l", FORMAT_PRINTF, 1, 3 },
992 { "_swprintf_l", FORMAT_PRINTF, 1, 3 },
993 { "_printf_l", FORMAT_PRINTF, 0, 2 },
994 { "_wprintf_l", FORMAT_PRINTF, 0, 2 },
995 { "_fprintf_l", FORMAT_PRINTF, 1, 3 },
996 { "_fwprintf_l", FORMAT_PRINTF, 1, 3 },
997 { "_printf_s_l", FORMAT_PRINTF, 0, 2 },
998 { "_wprintf_s_l", FORMAT_PRINTF, 0, 2 },
999 { "_sprintf_s_l", FORMAT_PRINTF, 3, 5 },
1000 { "_swprintf_s_l", FORMAT_PRINTF, 3, 5 },
1001 { "_fprintf_s_l", FORMAT_PRINTF, 1, 3 },
1002 { "_fwprintf_s_l", FORMAT_PRINTF, 1, 3 },
1005 void check_format(const call_expression_t *const call)
1007 if (!warning.format)
1010 const expression_t *const func_expr = call->function;
1011 if (func_expr->kind != EXPR_REFERENCE)
1014 const entity_t *const entity = func_expr->reference.entity;
1015 const call_argument_t * arg = call->arguments;
1018 /* the declaration has a GNU format attribute, check it */
1021 * For some functions we always check the format, even if it was not specified.
1022 * This allows to check format even in MS mode or without header included.
1024 const char *const name = entity->base.symbol->string;
1025 for (size_t i = 0; i < lengthof(builtin_table); ++i) {
1026 if (strcmp(name, builtin_table[i].name) == 0) {
1027 switch (builtin_table[i].fmt_kind) {
1029 check_printf_format(arg, &builtin_table[i]);
1032 check_scanf_format(arg, &builtin_table[i]);
1034 case FORMAT_STRFTIME:
1035 case FORMAT_STRFMON:
1036 /* TODO: implement other cases */