initial support for checking format strings, patch by Ted Kremenek:
"I've coded up some support in clang to flag warnings for non-constant format strings used in calls to printf-like functions (all the functions listed in "man fprintf"). Non-constant format strings are a source of many security exploits in C/C++ programs, and I believe are currently detected by gcc using the flag -Wformat-nonliteral."
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@41003 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/test/Sema/format-strings.c b/test/Sema/format-strings.c
new file mode 100644
index 0000000..f71cd58
--- /dev/null
+++ b/test/Sema/format-strings.c
@@ -0,0 +1,23 @@
+// RUN: clang -parse-ast-check %s
+
+#include <stdio.h>
+#include <stdarg.h>
+
+void check_string_literal( FILE* fp, const char* s, char *buf, ... ) {
+
+ char * b;
+ va_list ap;
+ va_start(ap,buf);
+
+ printf(s); // expected-warning {{format string is not a string literal}}
+ vprintf(s,ap); // expected-warning {{format string is not a string liter}}
+ fprintf(fp,s); // expected-warning {{format string is not a string literal}}
+ vfprintf(fp,s,ap); // expected-warning {{format string is not a string lit}}
+ asprintf(&b,s); // expected-warning {{format string is not a string lit}}
+ vasprintf(&b,s,ap); // expected-warning {{format string is not a string lit}}
+ sprintf(buf,s); // expected-warning {{format string is not a string literal}}
+ snprintf(buf,2,s); // expected-warning {{format string is not a string lit}}
+ vsprintf(buf,s,ap); // expected-warning {{format string is not a string lit}}
+ vsnprintf(buf,2,s,ap); // expected-warning {{mat string is not a string lit}}
+}
+