os_log: When there are multiple privacy annotations in the format
string, choose the strictest one instead of the last.
Also fix an undefined behavior. Move the pointer update to a later point to
avoid adding StringRef::npos to the pointer.
rdar://problem/40706280
llvm-svn: 336863
diff --git a/clang/lib/Analysis/PrintfFormatString.cpp b/clang/lib/Analysis/PrintfFormatString.cpp
index 2e5841e..00591ab 100644
--- a/clang/lib/Analysis/PrintfFormatString.cpp
+++ b/clang/lib/Analysis/PrintfFormatString.cpp
@@ -135,17 +135,16 @@
MatchedStr = Matches[1];
I += Matches[0].size();
- // Set the privacy flag if there is a privacy annotation in the
- // comma-delimited segment. This overrides any privacy annotations that
- // appeared in previous comma-delimited segments.
+ // Set the privacy flag if the privacy annotation in the
+ // comma-delimited segment is at least as strict as the privacy
+ // annotations in previous comma-delimited segments.
if (MatchedStr.equals("private"))
PrivacyFlags = clang::analyze_os_log::OSLogBufferItem::IsPrivate;
- else if (MatchedStr.equals("public"))
+ else if (PrivacyFlags == 0 && MatchedStr.equals("public"))
PrivacyFlags = clang::analyze_os_log::OSLogBufferItem::IsPublic;
} else {
size_t CommaOrBracePos =
Str.find_if([](char c) { return c == ',' || c == '}'; });
- I += CommaOrBracePos + 1;
if (CommaOrBracePos == StringRef::npos) {
// Neither a comma nor the closing brace was found.
@@ -153,6 +152,8 @@
H.HandleIncompleteSpecifier(Start, E - Start);
return true;
}
+
+ I += CommaOrBracePos + 1;
}
// Continue until the closing brace is found.
} while (*(I - 1) == ',');