https://llvm.org/bugs/show_bug.cgi?id=26644

            Bug ID: 26644
           Summary: False positive "format string is not a string
                    literal", SARD #149064
           Product: clang
           Version: unspecified
          Hardware: PC
                OS: Windows NT
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kreme...@apple.com
          Reporter: test35...@gmail.com
                CC: llvm-bugs@lists.llvm.org
    Classification: Unclassified

(This is the first bug report discovered by one of the SARD tests that I'm
integrating)

The attached file, downloaded from the page at:
https://samate.nist.gov/SARD/view_testcase.php?tID=149064

...file url: https://samate.nist.gov/SARD/testcases/000/149/064/fmt5-good.c

causes a false positive "format string is not a string literal".


The function in question:

void
test(char *fmt, char *str)
{
    printf(fmt, str);    /* FIX */
}

Is called with string literals as fmt:

    if(userstr[0] == '!')
        test("<%s>", userstr);
    else 
        test("[%s]", userstr);


...this may not be visible from a local analysis of `test`, which would cause
the warning.
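
An added example, not part of the original report or of the SARD test case: one way to make the literal-format property checkable at the call sites, where the literals are visible, using the GCC/Clang `format` attribute on a variadic wrapper. The names `test_checked` and `show`, the output-buffer parameters, and the sample inputs are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical variant of the report's test(): same job, but variadic and
 * annotated so GCC/Clang check the format at every call site.
 * format(printf, 3, 4): argument 3 is the format, checking starts at 4. */
#if defined(__GNUC__) || defined(__clang__)
__attribute__((format(printf, 3, 4)))
#endif
int test_checked(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    int len;

    va_start(ap, fmt);
    len = vsnprintf(out, n, fmt, ap);  /* fmt is forwarded, never built here */
    va_end(ap);
    return len;
}

/* Mirrors the call site quoted in the report: both formats are literals,
 * and userstr only ever appears as a %s argument. */
int show(char *out, size_t n, const char *userstr)
{
    if (userstr[0] == '!')
        return test_checked(out, n, "<%s>", userstr);
    else
        return test_checked(out, n, "[%s]", userstr);
}

int main(void)
{
    char buf[64];
    /* Constructed inputs; the last one contains conversion specifiers. */
    const char *samples[] = { "!alert", "plain", "%x%x%s" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        show(buf, sizeof buf, samples[i]);
        puts(buf);
    }
    return 0;
}
```

With the attribute in place, each call to `test_checked` has its format literal checked against its arguments at the call site.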
