| Field | Value |
| --- | --- |
| Issue | 64650 |
| Summary | Calls to functions with __attribute__(format(printf, n, 0)) fail to trigger -Wformat-security |
| Labels | new issue |
| Assignees | |
| Reporter | pkasting |

The following code should trigger -Wformat-security on the call to `f0()`, but does not:
```
void __attribute__((format(printf, 1, 0))) f0(const char* format, ...);
void __attribute__((format(printf, 1, 2))) f2(const char* format, ...);

void bar() {
    const char* str = "Test";
    f0("Test");
    f0(str);  // No warning (incorrect)
    f2("Test");
    f2(str);  // Warning (correct)
}
```

Godbolt repro: https://godbolt.org/z/5qGqrf3bW

While passing a `0` to the third arg of the format attribute means the args cannot be checked against the format string, checking that the format string itself is a literal should be independent of that.
_______________________________________________
llvm-bugs mailing list
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
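
An added example, not code from the report or from LLVM: since the report shows that a non-literal format string can reach a `format(printf, n, 0)` function without a diagnostic, this sketch keeps non-literal text out of the format position by passing it as an argument to a literal `"%s"`. The names `vlog_to_buf`, `log_to_buf` and `log_message` are hypothetical, and the sample message is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* va_list sink: the third attribute argument is 0 because there are no
   variadic arguments to check, only the format string itself. */
static int vlog_to_buf(char *out, size_t n, const char *fmt, va_list ap)
    __attribute__((format(printf, 3, 0)));

/* Variadic front end: arguments start at parameter 4, so the compiler can
   check them against fmt and flag a non-literal fmt at call sites. */
static int log_to_buf(char *out, size_t n, const char *fmt, ...)
    __attribute__((format(printf, 3, 4)));

static int vlog_to_buf(char *out, size_t n, const char *fmt, va_list ap)
{
    return vsnprintf(out, n, fmt, ap);
}

static int log_to_buf(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int written = vlog_to_buf(out, n, fmt, ap);
    va_end(ap);
    return written;
}

/* Text that is not a string literal is passed as data to a literal "%s",
   so conversion specifiers inside it are never interpreted. */
static int log_message(char *out, size_t n, const char *msg)
{
    return log_to_buf(out, n, "%s", msg);
}

int main(void)
{
    /* Constructed sample: text that contains printf conversion specifiers. */
    const char *msg = "progress 100%s done %d%%";
    char buf[64];
    int len = log_message(buf, sizeof buf, msg);
    printf("%d bytes: %s\n", len, buf);
    return strcmp(buf, msg) != 0;
}
```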