| Issue |
64651
|
| Summary |
Functions that forward printf format strings erroneously trigger -Wformat-security
|
| Labels |
new issue
|
| Assignees |
|
| Reporter |
pkasting
|
The following code triggers -Wformat-security on the first call to `f2()`, even though the fact that `f22()` is itself tagged with the format attribute should let the compiler realize that the first arg is a literal at the original callsite:
```
void __attribute__((format(printf, 1, 2))) f2(const char* format, ...);
void __attribute__((format(printf, 1, 2))) f22(const char* format, ...) {
f2(format); // Warning (incorrect)
f2(format, 1); // No warning (correct)
}
void bar() {
f22("Test");
}
```
Godbolt repro: https://godbolt.org/z/qeqjP7dr7
Strangely, the second call to `f2()` does not produce a warning, though it is safe or unsafe in exactly the same cases as the first call.
![]()
_______________________________________________
llvm-bugs mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
