http://llvm.org/bugs/show_bug.cgi?id=9314
Summary: -Wformat-security false positive with __func__ and
__PRETTY_FUNCTION__
Product: clang
Version: unspecified
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P
Component: -New Bugs
AssignedTo: [email protected]
ReportedBy: [email protected]
CC: [email protected]
Clang doesn't believe that __func__ and __PRETTY_FUNCTION__ are string
literals. Thus the following sample program:
#include <stdio.h>
int
main (int argc, char **argv)
{
printf (__PRETTY_FUNCTION__);
printf (__func__);
return 0;
}
produces the following diagnostics:
% clang -Wformat-security -o pretty pretty.c
pretty.c:6:11: warning: format string is not a string literal
(potentially insecure) [-Wformat-security]
printf (__PRETTY_FUNCTION__);
^~~~~~~~~~~~~~~~~~~
pretty.c:7:11: warning: format string is not a string literal
(potentially insecure) [-Wformat-security]
printf (__func__);
^~~~~~~~
2 diagnostics generated.
The warning is technically accurate, I suppose: they are not literals per se.
But they can't contain format string-significant characters, so this usage
feels harmless to me.
I'm using:
% clang --version
clang version 1.1 (Debian 2.7-3)
Target: x86_64-pc-linux-gnu
Thread model: posix
--
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
LLVMbugs mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/llvmbugs
