[LLVMbugs] [Bug 11091] New: incorrect warning for printf and printing std::runtime_error::what()

bugzilla-daemon Sun, 09 Oct 2011 06:02:09 -0700

http://llvm.org/bugs/show_bug.cgi?id=11091


           Summary: incorrect warning for printf and printing
                    std::runtime_error::what()
           Product: clang
           Version: trunk
          Platform: PC
        OS/Version: Windows NT
            Status: NEW
          Severity: normal
          Priority: P
         Component: Frontend
        AssignedTo: [email protected]
        ReportedBy: [email protected]
                CC: [email protected]


This test program:

#include <stdexcept>
#include <cstdio>
using namespace std;

int main()
{
    runtime_error e( "bla" );
    printf( e.what() );
}

Produces this warning:
main.cpp:8:13: warning: format string is not a string literal (potentially
insecure) [-Wformat-security]
    printf( err.what() );
            ^~~~~~~~~~
1 warning generated.

This seems very misleading and warns on correct code like the above, ie when
the format string doesn't contain any format specifiers at all, and is just a
plain const char*.

-- 
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
LLVMbugs mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/llvmbugs

[LLVMbugs] [Bug 11091] New: incorrect warning for printf and printing std::runtime_error::what()

Reply via email to