initial support for checking format strings, patch by Ted Kremenek:
"I've coded up some support in clang to flag warnings for non-constant format strings used in calls to printf-like functions (all the functions listed in "man fprintf"). Non-constant format strings are a source of many security exploits in C/C++ programs, and I believe are currently detected by gcc using the flag -Wformat-nonliteral."
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@41003 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/Sema/Sema.cpp b/Sema/Sema.cpp
index 64c18a8..76771d0 100644
--- a/Sema/Sema.cpp
+++ b/Sema/Sema.cpp
@@ -16,10 +16,26 @@
#include "clang/AST/ASTContext.h"
#include "clang/Lex/Preprocessor.h"
#include "clang/Basic/Diagnostic.h"
+
using namespace clang;
Sema::Sema(Preprocessor &pp, ASTContext &ctxt, std::vector<Decl*> &prevInGroup)
: PP(pp), Context(ctxt), CurFunctionDecl(0), LastInGroupList(prevInGroup) {
+
+ // Get IdentifierInfo objects for known functions for which we
+ // do extra checking.
+ IdentifierTable& IT = PP.getIdentifierTable();
+
+ KnownFunctionIDs[ id_printf ] = &IT.get("printf");
+ KnownFunctionIDs[ id_fprintf ] = &IT.get("fprintf");
+ KnownFunctionIDs[ id_sprintf ] = &IT.get("sprintf");
+ KnownFunctionIDs[ id_snprintf ] = &IT.get("snprintf");
+ KnownFunctionIDs[ id_vsnprintf ] = &IT.get("vsnprintf");
+ KnownFunctionIDs[ id_asprintf ] = &IT.get("asprintf");
+ KnownFunctionIDs[ id_vasprintf ] = &IT.get("vasprintf");
+ KnownFunctionIDs[ id_vfprintf ] = &IT.get("vfprintf");
+ KnownFunctionIDs[ id_vsprintf ] = &IT.get("vsprintf");
+ KnownFunctionIDs[ id_vprintf ] = &IT.get("vprintf");
}
//===----------------------------------------------------------------------===//