+ assert(fmt == '\0');
+ if (c+1 < string + size) {
+ warningf(WARN_FORMAT, pos, "format string contains '\\0'");
+ }
+ return num_args;
+}
+
+/**
+ * Check printf-style format.
+ */
+static void check_printf_format(call_argument_t const *arg,
+ format_spec_t const *const spec)
+{
+ /* find format arg */
+ size_t idx = 0;
+ for (; idx < spec->fmt_idx; ++idx) {
+ if (arg == NULL)
+ return;
+ arg = arg->next;
+ }
+
+ expression_t const *const fmt_expr = arg->expression;
+
+ /* find the real args */
+ for (; idx < spec->arg_idx && arg != NULL; ++idx)
+ arg = arg->next;
+
+ int const num_fmt = internal_check_printf_format(fmt_expr, arg, spec);
+ if (num_fmt < 0)
+ return;
+
+ size_t num_args = 0;
+ for (; arg != NULL; arg = arg->next)
+ ++num_args;
+ if (num_args > (size_t)num_fmt) {
+ source_position_t const *const pos = &fmt_expr->base.source_position;
+ warningf(WARN_FORMAT, pos, "%u argument%s but only %u format specifier%s", num_args, num_args != 1 ? "s" : "", num_fmt, num_fmt != 1 ? "s" : "");
+ }
+}
+
+/**
+ * Check scanf-style format.
+ */
+static void check_scanf_format(const call_argument_t *arg,
+ const format_spec_t *spec)
+{
+ /* find format arg */
+ unsigned idx = 0;
+ for (; idx < spec->fmt_idx; ++idx) {
+ if (arg == NULL)
+ return;
+ arg = arg->next;
+ }
+
+ const expression_t *fmt_expr = arg->expression;
+ if (fmt_expr->kind == EXPR_UNARY_CAST_IMPLICIT) {
+ fmt_expr = fmt_expr->unary.value;
+ }
+
+ if (fmt_expr->kind != EXPR_STRING_LITERAL
+ && fmt_expr->kind != EXPR_WIDE_STRING_LITERAL)
+ return;
+
+ const char *string = fmt_expr->literal.value.begin;
+ size_t size = fmt_expr->literal.value.size;
+ const char *c = string;
+
+ /* find the real args */
+ for (; idx < spec->arg_idx && arg != NULL; ++idx)
+ arg = arg->next;
+
+ const source_position_t *pos = &fmt_expr->base.source_position;
+ unsigned num_fmt = 0;
+ char fmt;
+ for (fmt = *c; fmt != '\0'; fmt = *(++c)) {
+ if (fmt != '%')
+ continue;
+ fmt = *(++c);
+ if (fmt == '\0') {
+ warningf(WARN_FORMAT, pos, "dangling '%%' in format string");
+ break;
+ }
+ if (fmt == '%')
+ continue;
+
+ ++num_fmt;
+
+ /* look for length modifiers */
+ format_length_modifier_t fmt_mod = FMT_MOD_NONE;
+ switch (fmt) {
+ case 'h':
+ fmt = *(++c);
+ if (fmt == 'h') {
+ fmt = *(++c);
+ fmt_mod = FMT_MOD_hh;
+ } else {
+ fmt_mod = FMT_MOD_h;
+ }
+ break;
+
+ case 'l':
+ fmt = *(++c);
+ if (fmt == 'l') {
+ fmt = *(++c);
+ fmt_mod = FMT_MOD_ll;
+ } else {
+ fmt_mod = FMT_MOD_l;
+ }
+ break;
+
+ case 'L': fmt = *(++c); fmt_mod = FMT_MOD_L; break;
+ case 'j': fmt = *(++c); fmt_mod = FMT_MOD_j; break;
+ case 't': fmt = *(++c); fmt_mod = FMT_MOD_t; break;
+ case 'z': fmt = *(++c); fmt_mod = FMT_MOD_z; break;
+ /* microsoft mode */
+ case 'w':
+ if (c_mode & _MS) {
+ fmt = *(++c);
+ fmt_mod = FMT_MOD_w;
+ }
+ break;
+ case 'I':
+ if (c_mode & _MS) {
+ fmt = *(++c);
+ fmt_mod = FMT_MOD_I;
+ if (fmt == '3') {
+ fmt = *(++c);
+ if (fmt == '2') {
+ fmt = *(++c);
+ fmt_mod = FMT_MOD_I32;
+ } else {
+ /* rewind */
+ fmt = *(--c);
+ }
+ } else if (fmt == '6') {
+ fmt = *(++c);
+ if (fmt == '4') {
+ fmt = *(++c);
+ fmt_mod = FMT_MOD_I64;
+ } else {
+ /* rewind */
+ fmt = *(--c);
+ }
+ }
+ }
+ break;
+ }
+
+ if (fmt == '\0') {
+ warningf(WARN_FORMAT, pos, "dangling %% with conversion specififer in format string");
+ break;
+ }
+
+ type_t *expected_type;
+ switch (fmt) {
+ case 'd':
+ case 'i':
+ switch (fmt_mod) {
+ case FMT_MOD_NONE: expected_type = type_int; break;
+ case FMT_MOD_hh: expected_type = type_signed_char; break;
+ case FMT_MOD_h: expected_type = type_short; break;
+ case FMT_MOD_l: expected_type = type_long; break;
+ case FMT_MOD_ll: expected_type = type_long_long; break;
+ case FMT_MOD_j: expected_type = type_intmax_t; break;
+ case FMT_MOD_z: expected_type = type_ssize_t; break;
+ case FMT_MOD_t: expected_type = type_ptrdiff_t; break;
+ case FMT_MOD_I: expected_type = type_ptrdiff_t; break;
+ case FMT_MOD_I32: expected_type = type_int32; break;
+ case FMT_MOD_I64: expected_type = type_int64; break;
+
+ default:
+ warn_invalid_length_modifier(pos, fmt_mod, fmt);
+ goto next_arg;
+ }
+ break;
+
+ case 'o':
+ case 'X':
+ case 'x':
+ case 'u':
+ switch (fmt_mod) {
+ case FMT_MOD_NONE: expected_type = type_unsigned_int; break;
+ case FMT_MOD_hh: expected_type = type_unsigned_char; break;
+ case FMT_MOD_h: expected_type = type_unsigned_short; break;
+ case FMT_MOD_l: expected_type = type_unsigned_long; break;
+ case FMT_MOD_ll: expected_type = type_unsigned_long_long; break;
+ case FMT_MOD_j: expected_type = type_uintmax_t; break;
+ case FMT_MOD_z: expected_type = type_size_t; break;
+ case FMT_MOD_t: expected_type = type_uptrdiff_t; break;
+ case FMT_MOD_I: expected_type = type_size_t; break;
+ case FMT_MOD_I32: expected_type = type_unsigned_int32; break;
+ case FMT_MOD_I64: expected_type = type_unsigned_int64; break;
+
+ default:
+ warn_invalid_length_modifier(pos, fmt_mod, fmt);
+ goto next_arg;
+ }
+ break;
+
+ case 'A':
+ case 'a':
+ case 'E':
+ case 'e':
+ case 'F':
+ case 'f':
+ case 'G':
+ case 'g':
+ switch (fmt_mod) {
+ case FMT_MOD_l: expected_type = type_double; break;
+ case FMT_MOD_NONE: expected_type = type_float; break;
+ case FMT_MOD_L: expected_type = type_long_double; break;
+
+ default:
+ warn_invalid_length_modifier(pos, fmt_mod, fmt);
+ goto next_arg;
+ }
+ break;
+
+ case 'C':
+ if (fmt_mod != FMT_MOD_NONE) {
+ warn_invalid_length_modifier(pos, fmt_mod, fmt);
+ goto next_arg;
+ }
+ expected_type = type_wchar_t;
+ break;
+
+ case 'c':
+ expected_type = type_int;
+ switch (fmt_mod) {
+ case FMT_MOD_NONE: expected_type = type_int; break; /* TODO promoted char */
+ case FMT_MOD_l: expected_type = type_wint_t; break;
+ case FMT_MOD_w: expected_type = type_wchar_t; break;
+
+ default:
+ warn_invalid_length_modifier(pos, fmt_mod, fmt);
+ goto next_arg;
+ }
+ break;
+
+ case 'S':
+ if (fmt_mod != FMT_MOD_NONE) {
+ warn_invalid_length_modifier(pos, fmt_mod, fmt);
+ goto next_arg;
+ }
+ expected_type = type_wchar_t;
+ break;
+
+ case 's':
+ case '[':
+ switch (fmt_mod) {
+ case FMT_MOD_NONE: expected_type = type_char; break;
+ case FMT_MOD_l: expected_type = type_wchar_t; break;
+ case FMT_MOD_w: expected_type = type_wchar_t; break;
+
+ default:
+ warn_invalid_length_modifier(pos, fmt_mod, fmt);
+ goto next_arg;
+ }
+ break;
+
+ case 'p':
+ if (fmt_mod != FMT_MOD_NONE) {
+ warn_invalid_length_modifier(pos, fmt_mod, fmt);
+ goto next_arg;
+ }
+ expected_type = type_void_ptr;
+ break;
+
+ case 'n':
+ switch (fmt_mod) {
+ case FMT_MOD_NONE: expected_type = type_int; break;
+ case FMT_MOD_hh: expected_type = type_signed_char; break;
+ case FMT_MOD_h: expected_type = type_short; break;
+ case FMT_MOD_l: expected_type = type_long; break;
+ case FMT_MOD_ll: expected_type = type_long_long; break;
+ case FMT_MOD_j: expected_type = type_intmax_t; break;
+ case FMT_MOD_z: expected_type = type_ssize_t; break;
+ case FMT_MOD_t: expected_type = type_ptrdiff_t; break;
+
+ default:
+ warn_invalid_length_modifier(pos, fmt_mod, fmt);
+ goto next_arg;
+ }
+ break;
+
+ default:
+ warningf(WARN_FORMAT, pos, "encountered unknown conversion specifier '%%%c' at format %u", fmt, num_fmt);
+ if (arg == NULL) {
+ warningf(WARN_FORMAT, pos, "too few arguments for format string");
+ return;
+ }
+ goto next_arg;
+ }
+
+ if (arg == NULL) {
+ warningf(WARN_FORMAT, pos, "too few arguments for format string");
+ return;
+ }
+
+ { /* create a scope here to prevent warning about the jump to next_arg */
+ type_t *const arg_type = arg->expression->base.type;
+ type_t *const arg_skip = skip_typeref(arg_type);
+ type_t *const expected_type_skip = skip_typeref(expected_type);
+
+ if (! is_type_pointer(arg_skip))
+ goto error_arg_type;
+ type_t *const ptr_skip = skip_typeref(arg_skip->pointer.points_to);
+
+ if (fmt == 'p') {
+ /* allow any pointer type for %p, not just void */
+ if (is_type_pointer(ptr_skip))
+ goto next_arg;
+ }
+
+ /* do NOT allow const or restrict, all other should be ok */
+ if (ptr_skip->base.qualifiers & (TYPE_QUALIFIER_CONST | TYPE_QUALIFIER_VOLATILE))
+ goto error_arg_type;
+ type_t *const unqual_ptr = get_unqualified_type(ptr_skip);
+ if (unqual_ptr == expected_type_skip) {
+ goto next_arg;
+ } else if (expected_type_skip == type_char) {
+ /* char matches with unsigned char AND signed char */
+ if (unqual_ptr == type_signed_char || unqual_ptr == type_unsigned_char)
+ goto next_arg;
+ }
+error_arg_type:
+ if (is_type_valid(arg_skip)) {
+ source_position_t const *const apos = &arg->expression->base.source_position;
+ char const *const mod = get_length_modifier_name(fmt_mod);
+ warningf(WARN_FORMAT, apos, "argument type '%T' does not match conversion specifier '%%%s%c' at position %u", arg_type, mod, (char)fmt, num_fmt);
+ }
+ }
+next_arg:
+ arg = arg->next;
+ }
+ assert(fmt == '\0');
+ if (c+1 < string + size) {
+ warningf(WARN_FORMAT, pos, "format string contains '\\0'");