2 * This file is part of cparser.
3 * Copyright (C) 2007-2008 Matthias Braun <matze@braunis.de>
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version 2
8 * of the License, or (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
24 #include "format_check.h"
28 #include "diagnostic.h"
32 #include "lang_features.h"
34 typedef enum format_flag_t {
36 FMT_FLAG_HASH = 1U << 0,
37 FMT_FLAG_ZERO = 1U << 1,
38 FMT_FLAG_MINUS = 1U << 2,
39 FMT_FLAG_SPACE = 1U << 3,
40 FMT_FLAG_PLUS = 1U << 4,
41 FMT_FLAG_TICK = 1U << 5
44 typedef unsigned format_flags_t;
46 typedef enum format_length_modifier_t {
57 /* only in microsoft mode */
62 } format_length_modifier_t;
64 typedef struct format_spec_t {
65 const char *name; /**< name of the function */
66 format_kind_t fmt_kind; /**< kind */
67 unsigned fmt_idx; /**< index of the format string */
68 unsigned arg_idx; /**< index of the first argument */
71 static const char* get_length_modifier_name(const format_length_modifier_t mod)
73 static const char* const names[] = {
84 /* only in microsoft mode */
87 [FMT_MOD_I32] = "I32",
90 assert(mod < lengthof(names));
94 static void warn_invalid_length_modifier(const source_position_t *pos,
95 const format_length_modifier_t mod,
96 const wchar_rep_t conversion)
99 "invalid length modifier '%s' for conversion specifier '%%%c'",
100 get_length_modifier_name(mod), conversion
104 typedef struct vchar_t vchar_t;
106 const void *string; /**< the string */
107 size_t position; /**< current position */
108 size_t size; /**< size of the string */
110 /** return the first character of the string and setthe position to 0. */
111 unsigned (*first)(vchar_t *self);
112 /** return the next character of the string */
113 unsigned (*next)(vchar_t *self);
114 /** return non_zero if the given character is a digit */
115 int (*is_digit)(unsigned vchar);
118 static unsigned string_first(vchar_t *self) {
120 const string_t *string = self->string;
121 return string->begin[0];
124 static unsigned string_next(vchar_t *self) {
126 const string_t *string = self->string;
127 return string->begin[self->position];
130 static int string_isdigit(unsigned vchar) {
131 return isdigit(vchar);
134 static unsigned wstring_first(vchar_t *self) {
136 const wide_string_t *wstring = self->string;
137 return wstring->begin[0];
140 static unsigned wstring_next(vchar_t *self) {
142 const wide_string_t *wstring = self->string;
143 return wstring->begin[self->position];
146 static int wstring_isdigit(unsigned vchar) {
147 return iswdigit(vchar);
150 static bool atend(vchar_t *self) {
151 return self->position + 1 == self->size;
155 * Check printf-style format.
157 static void check_printf_format(const call_argument_t *arg, const format_spec_t *spec)
159 /* find format arg */
161 for (; idx < spec->fmt_idx; ++idx) {
167 const expression_t *fmt_expr = arg->expression;
168 if (fmt_expr->kind == EXPR_UNARY_CAST_IMPLICIT) {
169 fmt_expr = fmt_expr->unary.value;
173 if (fmt_expr->kind == EXPR_WIDE_STRING_LITERAL) {
174 vchar.string = &fmt_expr->wide_string.value;
175 vchar.size = fmt_expr->wide_string.value.size;
176 vchar.first = wstring_first;
177 vchar.next = wstring_next;
178 vchar.is_digit = wstring_isdigit;
179 } else if (fmt_expr->kind == EXPR_STRING_LITERAL) {
180 vchar.string = &fmt_expr->string.value;
181 vchar.size = fmt_expr->string.value.size;
182 vchar.first = string_first;
183 vchar.next = string_next;
184 vchar.is_digit = string_isdigit;
188 /* find the real args */
189 for(; idx < spec->arg_idx && arg != NULL; ++idx)
192 const source_position_t *pos = &fmt_expr->base.source_position;
193 unsigned fmt = vchar.first(&vchar);
194 unsigned num_fmt = 0;
195 for (; fmt != '\0'; fmt = vchar.next(&vchar)) {
198 fmt = vchar.next(&vchar);
205 format_flags_t fmt_flags = FMT_FLAG_NONE;
207 fmt = vchar.next(&vchar);
208 fmt_flags |= FMT_FLAG_ZERO;
211 /* argument selector or minimum field width */
212 if (vchar.is_digit(fmt)) {
214 fmt = vchar.next(&vchar);
215 } while (vchar.is_digit(fmt));
217 /* digit string was ... */
219 /* ... argument selector */
220 fmt_flags = FMT_FLAG_NONE; /* reset possibly set 0-flag */
224 /* ... minimum field width */
230 case '#': flag = FMT_FLAG_HASH; break;
231 case '0': flag = FMT_FLAG_ZERO; break;
232 case '-': flag = FMT_FLAG_MINUS; break;
233 case '\'': flag = FMT_FLAG_TICK; break;
236 if (fmt_flags & FMT_FLAG_PLUS) {
237 warningf(pos, "' ' is overridden by prior '+' in conversion specification %u", num_fmt);
239 flag = FMT_FLAG_SPACE;
243 if (fmt_flags & FMT_FLAG_SPACE) {
244 warningf(pos, "'+' overrides prior ' ' in conversion specification %u", num_fmt);
246 flag = FMT_FLAG_PLUS;
249 default: goto break_fmt_flags;
251 if (fmt_flags & flag) {
252 warningf(pos, "repeated flag '%c' in conversion specification %u", (char)fmt, num_fmt);
255 fmt = vchar.next(&vchar);
259 /* minimum field width */
261 fmt = vchar.next(&vchar);
263 warningf(pos, "missing argument for '*' field width in conversion specification %u", num_fmt);
266 const type_t *const arg_type = arg->expression->base.type;
267 if (arg_type != type_int) {
268 warningf(pos, "argument for '*' field width in conversion specification %u is not an 'int', but an '%T'", num_fmt, arg_type);
272 while (vchar.is_digit(fmt)) {
273 fmt = vchar.next(&vchar);
280 fmt = vchar.next(&vchar);
282 fmt = vchar.next(&vchar);
284 warningf(pos, "missing argument for '*' precision in conversion specification %u", num_fmt);
287 const type_t *const arg_type = arg->expression->base.type;
288 if (arg_type != type_int) {
289 warningf(pos, "argument for '*' precision in conversion specification %u is not an 'int', but an '%T'", num_fmt, arg_type);
293 /* digit string may be omitted */
294 while (vchar.is_digit(fmt)) {
295 fmt = vchar.next(&vchar);
300 /* length modifier */
301 format_length_modifier_t fmt_mod;
304 fmt = vchar.next(&vchar);
306 fmt = vchar.next(&vchar);
307 fmt_mod = FMT_MOD_hh;
314 fmt = vchar.next(&vchar);
316 fmt = vchar.next(&vchar);
317 fmt_mod = FMT_MOD_ll;
323 case 'L': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_L; break;
324 case 'j': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_j; break;
325 case 't': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_t; break;
326 case 'z': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_z; break;
327 case 'q': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_q; break;
331 fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_w;
333 fmt_mod = FMT_MOD_NONE;
338 fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_I;
340 fmt = vchar.next(&vchar);
342 fmt = vchar.next(&vchar);
343 fmt_mod = FMT_MOD_I32;
348 } else if (fmt == '6') {
349 fmt = vchar.next(&vchar);
351 fmt = vchar.next(&vchar);
352 fmt_mod = FMT_MOD_I64;
359 fmt_mod = FMT_MOD_NONE;
363 fmt_mod = FMT_MOD_NONE;
368 warningf(pos, "dangling %% in format string");
372 type_t *expected_type;
373 type_qualifiers_t expected_qual = TYPE_QUALIFIER_NONE;
374 format_flags_t allowed_flags;
379 case FMT_MOD_NONE: expected_type = type_int; break;
380 case FMT_MOD_hh: expected_type = type_int; break; /* TODO promoted signed char */
381 case FMT_MOD_h: expected_type = type_int; break; /* TODO promoted short */
382 case FMT_MOD_l: expected_type = type_long; break;
383 case FMT_MOD_ll: expected_type = type_long_long; break;
384 case FMT_MOD_j: expected_type = type_intmax_t; break;
385 case FMT_MOD_z: expected_type = type_ssize_t; break;
386 case FMT_MOD_t: expected_type = type_ptrdiff_t; break;
387 case FMT_MOD_I: expected_type = type_ptrdiff_t; break;
388 case FMT_MOD_I32: expected_type = type_int32; break;
389 case FMT_MOD_I64: expected_type = type_int64; break;
392 warn_invalid_length_modifier(pos, fmt_mod, fmt);
395 allowed_flags = FMT_FLAG_MINUS | FMT_FLAG_SPACE | FMT_FLAG_PLUS | FMT_FLAG_ZERO;
401 allowed_flags = FMT_FLAG_MINUS | FMT_FLAG_HASH | FMT_FLAG_ZERO;
402 goto eval_fmt_mod_unsigned;
405 allowed_flags = FMT_FLAG_MINUS | FMT_FLAG_ZERO;
406 eval_fmt_mod_unsigned:
408 case FMT_MOD_NONE: expected_type = type_unsigned_int; break;
409 case FMT_MOD_hh: expected_type = type_int; break; /* TODO promoted unsigned char */
410 case FMT_MOD_h: expected_type = type_int; break; /* TODO promoted unsigned short */
411 case FMT_MOD_l: expected_type = type_unsigned_long; break;
412 case FMT_MOD_ll: expected_type = type_unsigned_long_long; break;
413 case FMT_MOD_j: expected_type = type_uintmax_t; break;
414 case FMT_MOD_z: expected_type = type_size_t; break;
415 case FMT_MOD_t: expected_type = type_uptrdiff_t; break;
416 case FMT_MOD_I: expected_type = type_size_t; break;
417 case FMT_MOD_I32: expected_type = type_unsigned_int32; break;
418 case FMT_MOD_I64: expected_type = type_unsigned_int64; break;
421 warn_invalid_length_modifier(pos, fmt_mod, fmt);
435 case FMT_MOD_l: /* l modifier is ignored */
436 case FMT_MOD_NONE: expected_type = type_double; break;
437 case FMT_MOD_L: expected_type = type_long_double; break;
440 warn_invalid_length_modifier(pos, fmt_mod, fmt);
443 allowed_flags = FMT_FLAG_MINUS | FMT_FLAG_SPACE | FMT_FLAG_PLUS | FMT_FLAG_HASH | FMT_FLAG_ZERO;
447 if (fmt_mod != FMT_MOD_NONE) {
448 warn_invalid_length_modifier(pos, fmt_mod, fmt);
451 expected_type = type_wchar_t;
452 allowed_flags = FMT_FLAG_NONE;
456 expected_type = type_int;
458 case FMT_MOD_NONE: expected_type = type_int; break; /* TODO promoted char */
459 case FMT_MOD_l: expected_type = type_wint_t; break;
460 case FMT_MOD_w: expected_type = type_wchar_t; break;
463 warn_invalid_length_modifier(pos, fmt_mod, fmt);
466 allowed_flags = FMT_FLAG_NONE;
470 if (fmt_mod != FMT_MOD_NONE) {
471 warn_invalid_length_modifier(pos, fmt_mod, fmt);
474 expected_type = type_wchar_t_ptr;
475 expected_qual = TYPE_QUALIFIER_CONST;
476 allowed_flags = FMT_FLAG_MINUS;
481 case FMT_MOD_NONE: expected_type = type_char_ptr; break;
482 case FMT_MOD_l: expected_type = type_wchar_t_ptr; break;
483 case FMT_MOD_w: expected_type = type_wchar_t_ptr; break;
486 warn_invalid_length_modifier(pos, fmt_mod, fmt);
489 expected_qual = TYPE_QUALIFIER_CONST;
490 allowed_flags = FMT_FLAG_MINUS;
494 if (fmt_mod != FMT_MOD_NONE) {
495 warn_invalid_length_modifier(pos, fmt_mod, fmt);
498 expected_type = type_void_ptr;
499 allowed_flags = FMT_FLAG_NONE;
504 case FMT_MOD_NONE: expected_type = type_int_ptr; break;
505 case FMT_MOD_hh: expected_type = type_signed_char_ptr; break;
506 case FMT_MOD_h: expected_type = type_short_ptr; break;
507 case FMT_MOD_l: expected_type = type_long_ptr; break;
508 case FMT_MOD_ll: expected_type = type_long_long_ptr; break;
509 case FMT_MOD_j: expected_type = type_intmax_t_ptr; break;
510 case FMT_MOD_z: expected_type = type_ssize_t_ptr; break;
511 case FMT_MOD_t: expected_type = type_ptrdiff_t_ptr; break;
514 warn_invalid_length_modifier(pos, fmt_mod, fmt);
517 allowed_flags = FMT_FLAG_NONE;
521 warningf(pos, "encountered unknown conversion specifier '%%%C' at position %u", (wint_t)fmt, num_fmt);
523 warningf(pos, "too few arguments for format string");
529 format_flags_t wrong_flags = fmt_flags & ~allowed_flags;
530 if (wrong_flags != 0) {
533 if (wrong_flags & FMT_FLAG_HASH) *p++ = '#';
534 if (wrong_flags & FMT_FLAG_ZERO) *p++ = '0';
535 if (wrong_flags & FMT_FLAG_MINUS) *p++ = '-';
536 if (wrong_flags & FMT_FLAG_SPACE) *p++ = ' ';
537 if (wrong_flags & FMT_FLAG_PLUS) *p++ = '+';
538 if (wrong_flags & FMT_FLAG_TICK) *p++ = '\'';
541 warningf(pos, "invalid format flags \"%s\" in conversion specification %%%c at position %u", wrong, fmt, num_fmt);
545 warningf(pos, "too few arguments for format string");
549 { /* create a scope here to prevent warning about the jump to next_arg */
550 type_t *const arg_type = arg->expression->base.type;
551 type_t *const arg_skip = skip_typeref(arg_type);
552 type_t *const expected_type_skip = skip_typeref(expected_type);
555 /* allow any pointer type for %p, not just void */
556 if (is_type_pointer(arg_skip))
560 if (is_type_pointer(expected_type_skip)) {
561 if (is_type_pointer(arg_skip)) {
562 type_t *const exp_to = skip_typeref(expected_type_skip->pointer.points_to);
563 type_t *const arg_to = skip_typeref(arg_skip->pointer.points_to);
564 if ((arg_to->base.qualifiers & ~expected_qual) == 0 &&
565 get_unqualified_type(arg_to) == exp_to) {
570 if (get_unqualified_type(arg_skip) == expected_type_skip) {
574 if (is_type_valid(arg_skip)) {
576 "argument type '%T' does not match conversion specifier '%%%s%c' at position %u",
577 arg_type, get_length_modifier_name(fmt_mod), (char)fmt, num_fmt);
583 if (!atend(&vchar)) {
584 warningf(pos, "format string contains '\\0'");
587 unsigned num_args = num_fmt;
588 while (arg != NULL) {
592 warningf(pos, "%u argument%s but only %u format specifier%s",
593 num_args, num_args != 1 ? "s" : "",
594 num_fmt, num_fmt != 1 ? "s" : "");
599 * Check scanf-style format.
601 static void check_scanf_format(const call_argument_t *arg, const format_spec_t *spec)
603 /* find format arg */
605 for (; idx < spec->fmt_idx; ++idx) {
611 const expression_t *fmt_expr = arg->expression;
612 if (fmt_expr->kind == EXPR_UNARY_CAST_IMPLICIT) {
613 fmt_expr = fmt_expr->unary.value;
617 if (fmt_expr->kind == EXPR_WIDE_STRING_LITERAL) {
618 vchar.string = &fmt_expr->wide_string.value;
619 vchar.size = fmt_expr->wide_string.value.size;
620 vchar.first = wstring_first;
621 vchar.next = wstring_next;
622 vchar.is_digit = wstring_isdigit;
623 } else if (fmt_expr->kind == EXPR_STRING_LITERAL) {
624 vchar.string = &fmt_expr->string.value;
625 vchar.size = fmt_expr->string.value.size;
626 vchar.first = string_first;
627 vchar.next = string_next;
628 vchar.is_digit = string_isdigit;
632 /* find the real args */
633 for (; idx < spec->arg_idx && arg != NULL; ++idx)
636 const source_position_t *pos = &fmt_expr->base.source_position;
637 unsigned fmt = vchar.first(&vchar);
638 unsigned num_fmt = 0;
639 for (; fmt != '\0'; fmt = vchar.next(&vchar)) {
642 fmt = vchar.next(&vchar);
649 /* length modifier */
650 format_length_modifier_t fmt_mod;
653 fmt = vchar.next(&vchar);
655 fmt = vchar.next(&vchar);
656 fmt_mod = FMT_MOD_hh;
663 fmt = vchar.next(&vchar);
665 fmt = vchar.next(&vchar);
666 fmt_mod = FMT_MOD_ll;
672 case 'L': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_L; break;
673 case 'j': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_j; break;
674 case 't': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_t; break;
675 case 'z': fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_z; break;
679 fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_w;
681 fmt_mod = FMT_MOD_NONE;
686 fmt = vchar.next(&vchar); fmt_mod = FMT_MOD_I;
688 fmt = vchar.next(&vchar);
690 fmt = vchar.next(&vchar);
691 fmt_mod = FMT_MOD_I32;
696 } else if (fmt == '6') {
697 fmt = vchar.next(&vchar);
699 fmt = vchar.next(&vchar);
700 fmt_mod = FMT_MOD_I64;
707 fmt_mod = FMT_MOD_NONE;
711 fmt_mod = FMT_MOD_NONE;
716 warningf(pos, "dangling %% in format string");
720 type_t *expected_type;
725 case FMT_MOD_NONE: expected_type = type_int; break;
726 case FMT_MOD_hh: expected_type = type_signed_char; break;
727 case FMT_MOD_h: expected_type = type_short; break;
728 case FMT_MOD_l: expected_type = type_long; break;
729 case FMT_MOD_ll: expected_type = type_long_long; break;
730 case FMT_MOD_j: expected_type = type_intmax_t; break;
731 case FMT_MOD_z: expected_type = type_ssize_t; break;
732 case FMT_MOD_t: expected_type = type_ptrdiff_t; break;
733 case FMT_MOD_I: expected_type = type_ptrdiff_t; break;
734 case FMT_MOD_I32: expected_type = type_int32; break;
735 case FMT_MOD_I64: expected_type = type_int64; break;
738 warn_invalid_length_modifier(pos, fmt_mod, fmt);
746 goto eval_fmt_mod_unsigned;
749 eval_fmt_mod_unsigned:
751 case FMT_MOD_NONE: expected_type = type_unsigned_int; break;
752 case FMT_MOD_hh: expected_type = type_unsigned_char; break;
753 case FMT_MOD_h: expected_type = type_unsigned_short; break;
754 case FMT_MOD_l: expected_type = type_unsigned_long; break;
755 case FMT_MOD_ll: expected_type = type_unsigned_long_long; break;
756 case FMT_MOD_j: expected_type = type_uintmax_t; break;
757 case FMT_MOD_z: expected_type = type_size_t; break;
758 case FMT_MOD_t: expected_type = type_uptrdiff_t; break;
759 case FMT_MOD_I: expected_type = type_size_t; break;
760 case FMT_MOD_I32: expected_type = type_unsigned_int32; break;
761 case FMT_MOD_I64: expected_type = type_unsigned_int64; break;
764 warn_invalid_length_modifier(pos, fmt_mod, fmt);
778 case FMT_MOD_l: /* l modifier is ignored */
779 case FMT_MOD_NONE: expected_type = type_double; break;
780 case FMT_MOD_L: expected_type = type_long_double; break;
783 warn_invalid_length_modifier(pos, fmt_mod, fmt);
789 if (fmt_mod != FMT_MOD_NONE) {
790 warn_invalid_length_modifier(pos, fmt_mod, fmt);
793 expected_type = type_wchar_t;
797 expected_type = type_int;
799 case FMT_MOD_NONE: expected_type = type_int; break; /* TODO promoted char */
800 case FMT_MOD_l: expected_type = type_wint_t; break;
801 case FMT_MOD_w: expected_type = type_wchar_t; break;
804 warn_invalid_length_modifier(pos, fmt_mod, fmt);
810 if (fmt_mod != FMT_MOD_NONE) {
811 warn_invalid_length_modifier(pos, fmt_mod, fmt);
814 expected_type = type_wchar_t;
820 case FMT_MOD_NONE: expected_type = type_char; break;
821 case FMT_MOD_l: expected_type = type_wchar_t; break;
822 case FMT_MOD_w: expected_type = type_wchar_t; break;
825 warn_invalid_length_modifier(pos, fmt_mod, fmt);
831 if (fmt_mod != FMT_MOD_NONE) {
832 warn_invalid_length_modifier(pos, fmt_mod, fmt);
835 expected_type = type_void_ptr;
840 case FMT_MOD_NONE: expected_type = type_int; break;
841 case FMT_MOD_hh: expected_type = type_signed_char; break;
842 case FMT_MOD_h: expected_type = type_short; break;
843 case FMT_MOD_l: expected_type = type_long; break;
844 case FMT_MOD_ll: expected_type = type_long_long; break;
845 case FMT_MOD_j: expected_type = type_intmax_t; break;
846 case FMT_MOD_z: expected_type = type_ssize_t; break;
847 case FMT_MOD_t: expected_type = type_ptrdiff_t; break;
850 warn_invalid_length_modifier(pos, fmt_mod, fmt);
856 warningf(pos, "encountered unknown conversion specifier '%%%C' at position %u", (wint_t)fmt, num_fmt);
858 warningf(pos, "too few arguments for format string");
865 warningf(pos, "too few arguments for format string");
869 { /* create a scope here to prevent warning about the jump to next_arg */
870 type_t *const arg_type = arg->expression->base.type;
871 type_t *const arg_skip = skip_typeref(arg_type);
872 type_t *const expected_type_skip = skip_typeref(expected_type);
874 if (! is_type_pointer(arg_skip))
876 type_t *const ptr_skip = skip_typeref(arg_skip->pointer.points_to);
879 /* allow any pointer type for %p, not just void */
880 if (is_type_pointer(ptr_skip))
884 /* do NOT allow const or restrict, all other should be ok */
885 if (ptr_skip->base.qualifiers & (TYPE_QUALIFIER_CONST | TYPE_QUALIFIER_VOLATILE))
887 type_t *const unqual_ptr = get_unqualified_type(ptr_skip);
888 if (unqual_ptr == expected_type_skip) {
890 } else if (expected_type_skip == type_char) {
891 /* char matches with unsigned char AND signed char */
892 if (unqual_ptr == type_signed_char || unqual_ptr == type_unsigned_char)
896 if (is_type_valid(arg_skip)) {
898 "argument type '%T' does not match conversion specifier '%%%s%c' at position %u",
899 arg_type, get_length_modifier_name(fmt_mod), (char)fmt, num_fmt);
905 if (!atend(&vchar)) {
906 warningf(pos, "format string contains '\\0'");
909 unsigned num_args = num_fmt;
910 while (arg != NULL) {
914 warningf(pos, "%u argument%s but only %u format specifier%s",
915 num_args, num_args != 1 ? "s" : "",
916 num_fmt, num_fmt != 1 ? "s" : "");
920 static const format_spec_t builtin_table[] = {
921 { "printf", FORMAT_PRINTF, 0, 1 },
922 { "wprintf", FORMAT_PRINTF, 0, 1 },
923 { "sprintf", FORMAT_PRINTF, 1, 2 },
924 { "swprintf", FORMAT_PRINTF, 1, 2 },
925 { "snprintf", FORMAT_PRINTF, 2, 3 },
926 { "snwprintf", FORMAT_PRINTF, 2, 3 },
927 { "fprintf", FORMAT_PRINTF, 1, 2 },
928 { "fwprintf", FORMAT_PRINTF, 1, 2 },
929 { "snwprintf", FORMAT_PRINTF, 2, 3 },
930 { "snwprintf", FORMAT_PRINTF, 2, 3 },
932 { "scanf", FORMAT_SCANF, 0, 1 },
933 { "wscanf", FORMAT_SCANF, 0, 1 },
934 { "sscanf", FORMAT_SCANF, 1, 2 },
935 { "swscanf", FORMAT_SCANF, 1, 2 },
936 { "fscanf", FORMAT_SCANF, 1, 2 },
937 { "fwscanf", FORMAT_SCANF, 1, 2 },
939 { "strftime", FORMAT_STRFTIME, 3, 4 },
940 { "wcstrftime", FORMAT_STRFTIME, 3, 4 },
942 { "strfmon", FORMAT_STRFMON, 3, 4 },
945 { "_snprintf", FORMAT_PRINTF, 2, 3 },
946 { "_snwprintf", FORMAT_PRINTF, 2, 3 },
947 { "_scrintf", FORMAT_PRINTF, 0, 1 },
948 { "_scwprintf", FORMAT_PRINTF, 0, 1 },
949 { "printf_s", FORMAT_PRINTF, 0, 1 },
950 { "wprintf_s", FORMAT_PRINTF, 0, 1 },
951 { "sprintf_s", FORMAT_PRINTF, 3, 4 },
952 { "swprintf_s", FORMAT_PRINTF, 3, 4 },
953 { "fprintf_s", FORMAT_PRINTF, 1, 2 },
954 { "fwprintf_s", FORMAT_PRINTF, 1, 2 },
955 { "_sprintf_l", FORMAT_PRINTF, 1, 3 },
956 { "_swprintf_l", FORMAT_PRINTF, 1, 3 },
957 { "_printf_l", FORMAT_PRINTF, 0, 2 },
958 { "_wprintf_l", FORMAT_PRINTF, 0, 2 },
959 { "_fprintf_l", FORMAT_PRINTF, 1, 3 },
960 { "_fwprintf_l", FORMAT_PRINTF, 1, 3 },
961 { "_printf_s_l", FORMAT_PRINTF, 0, 2 },
962 { "_wprintf_s_l", FORMAT_PRINTF, 0, 2 },
963 { "_sprintf_s_l", FORMAT_PRINTF, 3, 5 },
964 { "_swprintf_s_l", FORMAT_PRINTF, 3, 5 },
965 { "_fprintf_s_l", FORMAT_PRINTF, 1, 3 },
966 { "_fwprintf_s_l", FORMAT_PRINTF, 1, 3 },
969 void check_format(const call_expression_t *const call)
974 const expression_t *const func_expr = call->function;
975 if (func_expr->kind != EXPR_REFERENCE)
978 const entity_t *const entity = func_expr->reference.entity;
979 const call_argument_t * arg = call->arguments;
982 /* the declaration has a GNU format attribute, check it */
985 * For some functions we always check the format, even if it was not specified.
986 * This allows to check format even in MS mode or without header included.
988 const char *const name = entity->base.symbol->string;
989 for (size_t i = 0; i < lengthof(builtin_table); ++i) {
990 if (strcmp(name, builtin_table[i].name) == 0) {
991 switch (builtin_table[i].fmt_kind) {
993 check_printf_format(arg, &builtin_table[i]);
996 check_scanf_format(arg, &builtin_table[i]);
998 case FORMAT_STRFTIME:
1000 /* TODO: implement other cases */
projects / cparser / blob