Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / clang / 2e64c078269a9ab8352b531bda7c3511aee72a8d^! / . / Sema / Sema.h
commit2e64c078269a9ab8352b531bda7c3511aee72a8d[log] [tgz]
authorChris Lattner <sabre@nondot.org>Fri Aug 10 20:18:51 2007 +0000
committerChris Lattner <sabre@nondot.org>Fri Aug 10 20:18:51 2007 +0000
tree4711e49c7f24d8b8d4a18d0ffa00e0bdc02aa704
parent78ed84090ec3ef3c463b13a2a2b03cfadabecfa1 [diff] [blame]
initial support for checking format strings, patch by Ted Kremenek:

"I've coded up some support in clang to flag warnings for non-constant format strings used in calls to printf-like functions (all the functions listed in "man fprintf").  Non-constant format strings are a source of many security exploits in C/C++ programs, and I believe are currently detected by gcc using the flag -Wformat-nonliteral."



git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@41003 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/Sema/Sema.h b/Sema/Sema.h
index b6d4797..3cf7532 100644
--- a/Sema/Sema.h
+++ b/Sema/Sema.h

@@ -68,6 +68,28 @@
   /// us to associate a raw vector type with one of the OCU type names.
   /// This is only necessary for issuing pretty diagnostics.
   llvm::SmallVector<TypedefDecl*, 24> OCUVectorDecls;
+
+  // Enum values used by KnownFunctionIDs (see below).
+  enum {
+    id_printf,
+    id_fprintf,
+    id_sprintf,
+    id_snprintf,
+    id_vsnprintf,
+    id_asprintf,
+    id_vasprintf,
+    id_vfprintf,
+    id_vsprintf,
+    id_vprintf,
+    id_num_known_functions
+  };
+  
+  /// KnownFunctionIDs - This is a list of IdentifierInfo objects to a set
+  /// of known functions used by the semantic analysis to do various
+  /// kinds of checking (e.g. checking format string errors in printf calls).
+  /// This list is populated upon the creation of a Sema object.    
+  IdentifierInfo* KnownFunctionIDs[ id_num_known_functions ];
+  
 public:
   Sema(Preprocessor &pp, ASTContext &ctxt, std::vector<Decl*> &prevInGroup);
   
@@ -395,7 +417,17 @@
   /// a constant expression of type int with a value greater than zero.  If the
   /// array has an incomplete type or a valid constant size, return false,
   /// otherwise emit a diagnostic and return true.
-  bool VerifyConstantArrayType(const ArrayType *ary, SourceLocation loc); 
+  bool VerifyConstantArrayType(const ArrayType *ary, SourceLocation loc);
+  
+  //===--------------------------------------------------------------------===//
+  // Extra semantic analysis beyond the C type system
+  private:
+  
+  void CheckFunctionCall(Expr *Fn, FunctionDecl *FDecl,
+                         Expr** Args, unsigned NumArgsInCall);
+
+  void CheckPrintfArguments(Expr *Fn, FunctionDecl *FDecl, unsigned format_idx,
+                            Expr** Args, unsigned NumArgsInCall);
 };