[PATCH] D154838: [analyzer] Add check for null pointer passed to %p of printf family

Mital Ashok via Phabricator via cfe-commits Tue, 25 Jul 2023 12:05:32 -0700

MitalAshok added a comment.

Instead of checking for hard-coded names, you can check functions with the 
format(printf, x, y) 
<https://clang.llvm.org/docs/AttributeReference.html#format> attribute:


  if (auto *Format = FD->getAttr<FormatAttr>())
    CheckPrintfPointerConversionSpecifierNULL(C, CE, Format->getFormatIdx());

You also have to check for pointer types first. This currently warns on 
`printf("%d", 0)`, since `0` is a null pointer constant (This warning should 
only be `T*` pointer types, C2x and C++ `nullptr` and GNU `__null`).

Also this only works for null pointer *constants*. `printf("%p", (void*) 0)` is 
pretty rare. You ideally want this to warn on the following too:

  void f(void* p) {
      if (!p) printf("%p", p);
  }
  void g(void) {
      void* p = NULL;
      printf("%p", p);
  }

Look into how the NonNullParamChecker works


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D154838/new/

https://reviews.llvm.org/D154838

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D154838: [analyzer] Add check for null pointer passed to %p of printf family

Reply via email to