1 /* Check calls to formatted I/O functions (-Wformat).
2 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
3 2001, 2002 Free Software Foundation, Inc.
5 This file is part of GCC.
7 GCC is free software; you can redistribute it and/or modify it under
8 the terms of the GNU General Public License as published by the Free
9 Software Foundation; either version 2, or (at your option) any later
12 GCC is distributed in the hope that it will be useful, but WITHOUT ANY
13 WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 You should have received a copy of the GNU General Public License
18 along with GCC; see the file COPYING. If not, write to the Free
19 Software Foundation, 59 Temple Place - Suite 330, Boston, MA
31 #include "diagnostic.h"
34 /* Command line options and their associated flags. */
36 /* Warn about format/argument anomalies in calls to formatted I/O functions
37 (*printf, *scanf, strftime, strfmon, etc.). */
41 /* Warn about Y2K problems with strftime formats. */
45 /* Warn about excess arguments to formats. */
47 int warn_format_extra_args;
49 /* Warn about non-literal format arguments. */
51 int warn_format_nonliteral;
53 /* Warn about possible security problems with calls to format functions. */
55 int warn_format_security;
57 /* Set format warning options according to a -Wformat=n option. */
63 warn_format = setting;
64 warn_format_y2k = setting;
65 warn_format_extra_args = setting;
68 warn_format_nonliteral = setting;
69 warn_format_security = setting;
74 /* Handle attributes associated with format checking. */
76 /* This must be in the same order as format_types, with format_type_error
78 enum format_type { printf_format_type, scanf_format_type,
79 strftime_format_type, strfmon_format_type,
83 typedef struct function_format_info
85 enum format_type format_type; /* type of format (printf, scanf, etc.) */
86 unsigned HOST_WIDE_INT format_num; /* number of format argument */
87 unsigned HOST_WIDE_INT first_arg_num; /* number of first arg (zero for varargs) */
88 } function_format_info;
90 static bool decode_format_attr PARAMS ((tree,
91 function_format_info *, int));
92 static enum format_type decode_format_type PARAMS ((const char *));
94 /* Handle a "format" attribute; arguments as in
95 struct attribute_spec.handler. */
97 handle_format_attribute (node, name, args, flags, no_add_attrs)
99 tree name ATTRIBUTE_UNUSED;
105 function_format_info info;
107 unsigned HOST_WIDE_INT arg_num;
109 if (!decode_format_attr (args, &info, 0))
111 *no_add_attrs = true;
115 /* If a parameter list is specified, verify that the format_num
116 argument is actually a string, in case the format attribute
118 argument = TYPE_ARG_TYPES (type);
121 for (arg_num = 1; argument != 0 && arg_num != info.format_num;
122 ++arg_num, argument = TREE_CHAIN (argument))
126 || TREE_CODE (TREE_VALUE (argument)) != POINTER_TYPE
127 || (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_VALUE (argument)))
130 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
131 error ("format string arg not a string type");
132 *no_add_attrs = true;
136 else if (info.first_arg_num != 0)
138 /* Verify that first_arg_num points to the last arg,
141 arg_num++, argument = TREE_CHAIN (argument);
143 if (arg_num != info.first_arg_num)
145 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
146 error ("args to be formatted is not '...'");
147 *no_add_attrs = true;
153 if (info.format_type == strftime_format_type && info.first_arg_num != 0)
155 error ("strftime formats cannot format arguments");
156 *no_add_attrs = true;
164 /* Handle a "format_arg" attribute; arguments as in
165 struct attribute_spec.handler. */
167 handle_format_arg_attribute (node, name, args, flags, no_add_attrs)
169 tree name ATTRIBUTE_UNUSED;
175 tree format_num_expr = TREE_VALUE (args);
176 unsigned HOST_WIDE_INT format_num;
177 unsigned HOST_WIDE_INT arg_num;
180 /* Strip any conversions from the first arg number and verify it
182 while (TREE_CODE (format_num_expr) == NOP_EXPR
183 || TREE_CODE (format_num_expr) == CONVERT_EXPR
184 || TREE_CODE (format_num_expr) == NON_LVALUE_EXPR)
185 format_num_expr = TREE_OPERAND (format_num_expr, 0);
187 if (TREE_CODE (format_num_expr) != INTEGER_CST
188 || TREE_INT_CST_HIGH (format_num_expr) != 0)
190 error ("format string has invalid operand number");
191 *no_add_attrs = true;
195 format_num = TREE_INT_CST_LOW (format_num_expr);
197 /* If a parameter list is specified, verify that the format_num
198 argument is actually a string, in case the format attribute
200 argument = TYPE_ARG_TYPES (type);
203 for (arg_num = 1; argument != 0 && arg_num != format_num;
204 ++arg_num, argument = TREE_CHAIN (argument))
208 || TREE_CODE (TREE_VALUE (argument)) != POINTER_TYPE
209 || (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_VALUE (argument)))
212 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
213 error ("format string arg not a string type");
214 *no_add_attrs = true;
219 if (TREE_CODE (TREE_TYPE (type)) != POINTER_TYPE
220 || (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (type)))
223 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
224 error ("function does not return string type");
225 *no_add_attrs = true;
233 /* Decode the arguments to a "format" attribute into a function_format_info
234 structure. It is already known that the list is of the right length.
235 If VALIDATED_P is true, then these attributes have already been validated
236 and this function will abort if they are erroneous; if false, it
237 will give an error message. Returns true if the attributes are
238 successfully decoded, false otherwise. */
241 decode_format_attr (args, info, validated_p)
243 function_format_info *info;
246 tree format_type_id = TREE_VALUE (args);
247 tree format_num_expr = TREE_VALUE (TREE_CHAIN (args));
248 tree first_arg_num_expr
249 = TREE_VALUE (TREE_CHAIN (TREE_CHAIN (args)));
251 if (TREE_CODE (format_type_id) != IDENTIFIER_NODE)
255 error_with_decl (getdecls (), "unrecognized format specifier");
260 const char *p = IDENTIFIER_POINTER (format_type_id);
262 info->format_type = decode_format_type (p);
264 if (info->format_type == format_type_error)
268 warning ("`%s' is an unrecognized format function type", p);
273 /* Strip any conversions from the string index and first arg number
274 and verify they are constants. */
275 while (TREE_CODE (format_num_expr) == NOP_EXPR
276 || TREE_CODE (format_num_expr) == CONVERT_EXPR
277 || TREE_CODE (format_num_expr) == NON_LVALUE_EXPR)
278 format_num_expr = TREE_OPERAND (format_num_expr, 0);
280 while (TREE_CODE (first_arg_num_expr) == NOP_EXPR
281 || TREE_CODE (first_arg_num_expr) == CONVERT_EXPR
282 || TREE_CODE (first_arg_num_expr) == NON_LVALUE_EXPR)
283 first_arg_num_expr = TREE_OPERAND (first_arg_num_expr, 0);
285 if (TREE_CODE (format_num_expr) != INTEGER_CST
286 || TREE_INT_CST_HIGH (format_num_expr) != 0
287 || TREE_CODE (first_arg_num_expr) != INTEGER_CST
288 || TREE_INT_CST_HIGH (first_arg_num_expr) != 0)
292 error ("format string has invalid operand number");
296 info->format_num = TREE_INT_CST_LOW (format_num_expr);
297 info->first_arg_num = TREE_INT_CST_LOW (first_arg_num_expr);
298 if (info->first_arg_num != 0 && info->first_arg_num <= info->format_num)
302 error ("format string arg follows the args to be formatted");
309 /* Check a call to a format function against a parameter list. */
311 /* The meaningfully distinct length modifiers for format checking recognised
328 /* The standard versions in which various format features appeared. */
329 enum format_std_version
333 STD_C9L, /* C99, but treat as C89 if -Wno-long-long. */
338 /* The C standard version C++ is treated as equivalent to
339 or inheriting from, for the purpose of format features supported. */
340 #define CPLUSPLUS_STD_VER STD_C94
341 /* The C standard version we are checking formats against when pedantic. */
342 #define C_STD_VER ((int)(c_language == clk_cplusplus \
343 ? CPLUSPLUS_STD_VER \
346 : (flag_isoc94 ? STD_C94 : STD_C89))))
347 /* The name to give to the standard version we are warning about when
348 pedantic. FEATURE_VER is the version in which the feature warned out
349 appeared, which is higher than C_STD_VER. */
350 #define C_STD_NAME(FEATURE_VER) (c_language == clk_cplusplus \
352 : ((FEATURE_VER) == STD_EXT \
355 /* Adjust a C standard version, which may be STD_C9L, to account for
356 -Wno-long-long. Returns other standard versions unchanged. */
357 #define ADJ_STD(VER) ((int)((VER) == STD_C9L \
358 ? (warn_long_long ? STD_C99 : STD_C89) \
361 /* Flags that may apply to a particular kind of format checked by GCC. */
364 /* This format converts arguments of types determined by the
366 FMT_FLAG_ARG_CONVERT = 1,
367 /* The scanf allocation 'a' kludge applies to this format kind. */
368 FMT_FLAG_SCANF_A_KLUDGE = 2,
369 /* A % during parsing a specifier is allowed to be a modified % rather
370 that indicating the format is broken and we are out-of-sync. */
371 FMT_FLAG_FANCY_PERCENT_OK = 4,
372 /* With $ operand numbers, it is OK to reference the same argument more
374 FMT_FLAG_DOLLAR_MULTIPLE = 8,
375 /* This format type uses $ operand numbers (strfmon doesn't). */
376 FMT_FLAG_USE_DOLLAR = 16,
377 /* Zero width is bad in this type of format (scanf). */
378 FMT_FLAG_ZERO_WIDTH_BAD = 32,
379 /* Empty precision specification is OK in this type of format (printf). */
380 FMT_FLAG_EMPTY_PREC_OK = 64,
381 /* Gaps are allowed in the arguments with $ operand numbers if all
382 arguments are pointers (scanf). */
383 FMT_FLAG_DOLLAR_GAP_POINTER_OK = 128
384 /* Not included here: details of whether width or precision may occur
385 (controlled by width_char and precision_char); details of whether
386 '*' can be used for these (width_type and precision_type); details
387 of whether length modifiers can occur (length_char_specs). */
391 /* Structure describing a length modifier supported in format checking, and
392 possibly a doubled version such as "hh". */
395 /* Name of the single-character length modifier. */
396 const char *const name;
397 /* Index into a format_char_info.types array. */
398 const enum format_lengths index;
399 /* Standard version this length appears in. */
400 const enum format_std_version std;
401 /* Same, if the modifier can be repeated, or NULL if it can't. */
402 const char *const double_name;
403 const enum format_lengths double_index;
404 const enum format_std_version double_std;
405 } format_length_info;
408 /* Structure describing the combination of a conversion specifier
409 (or a set of specifiers which act identically) and a length modifier. */
412 /* The standard version this combination of length and type appeared in.
413 This is only relevant if greater than those for length and type
414 individually; otherwise it is ignored. */
415 enum format_std_version std;
416 /* The name to use for the type, if different from that generated internally
417 (e.g., "signed size_t"). */
419 /* The type itself. */
421 } format_type_detail;
424 /* Macros to fill out tables of these. */
425 #define BADLEN { 0, NULL, NULL }
426 #define NOLENGTHS { BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }
429 /* Structure describing a format conversion specifier (or a set of specifiers
430 which act identically), and the length modifiers used with it. */
433 const char *const format_chars;
434 const int pointer_count;
435 const enum format_std_version std;
436 /* Types accepted for each length modifier. */
437 const format_type_detail types[FMT_LEN_MAX];
438 /* List of other modifier characters allowed with these specifiers.
439 This lists flags, and additionally "w" for width, "p" for precision
440 (right precision, for strfmon), "#" for left precision (strfmon),
441 "a" for scanf "a" allocation extension (not applicable in C99 mode),
442 "*" for scanf suppression, and "E" and "O" for those strftime
444 const char *const flag_chars;
445 /* List of additional flags describing these conversion specifiers.
446 "c" for generic character pointers being allowed, "2" for strftime
447 two digit year formats, "3" for strftime formats giving two digit
448 years in some locales, "4" for "2" which becomes "3" with an "E" modifier,
449 "o" if use of strftime "O" is a GNU extension beyond C99,
450 "W" if the argument is a pointer which is dereferenced and written into,
451 "R" if the argument is a pointer which is dereferenced and read from,
452 "i" for printf integer formats where the '0' flag is ignored with
453 precision, and "[" for the starting character of a scanf scanset. */
454 const char *const flags2;
458 /* Structure describing a flag accepted by some kind of format. */
461 /* The flag character in question (0 for end of array). */
463 /* Zero if this entry describes the flag character in general, or a
464 non-zero character that may be found in flags2 if it describes the
465 flag when used with certain formats only. If the latter, only
466 the first such entry found that applies to the current conversion
467 specifier is used; the values of `name' and `long_name' it supplies
468 will be used, if non-NULL and the standard version is higher than
469 the unpredicated one, for any pedantic warning. For example, 'o'
470 for strftime formats (meaning 'O' is an extension over C99). */
472 /* Nonzero if the next character after this flag in the format should
473 be skipped ('=' in strfmon), zero otherwise. */
474 const int skip_next_char;
475 /* The name to use for this flag in diagnostic messages. For example,
476 N_("`0' flag"), N_("field width"). */
477 const char *const name;
478 /* Long name for this flag in diagnostic messages; currently only used for
479 "ISO C does not support ...". For example, N_("the `I' printf flag"). */
480 const char *const long_name;
481 /* The standard version in which it appeared. */
482 const enum format_std_version std;
486 /* Structure describing a combination of flags that is bad for some kind
490 /* The first flag character in question (0 for end of array). */
491 const int flag_char1;
492 /* The second flag character. */
493 const int flag_char2;
494 /* Non-zero if the message should say that the first flag is ignored with
495 the second, zero if the combination should simply be objected to. */
497 /* Zero if this entry applies whenever this flag combination occurs,
498 a non-zero character from flags2 if it only applies in some
499 circumstances (e.g. 'i' for printf formats ignoring 0 with precision). */
504 /* Structure describing a particular kind of format processed by GCC. */
507 /* The name of this kind of format, for use in diagnostics. Also
508 the name of the attribute (without preceding and following __). */
509 const char *const name;
510 /* Specifications of the length modifiers accepted; possibly NULL. */
511 const format_length_info *const length_char_specs;
512 /* Details of the conversion specification characters accepted. */
513 const format_char_info *const conversion_specs;
514 /* String listing the flag characters that are accepted. */
515 const char *const flag_chars;
516 /* String listing modifier characters (strftime) accepted. May be NULL. */
517 const char *const modifier_chars;
518 /* Details of the flag characters, including pseudo-flags. */
519 const format_flag_spec *const flag_specs;
520 /* Details of bad combinations of flags. */
521 const format_flag_pair *const bad_flag_pairs;
522 /* Flags applicable to this kind of format. */
524 /* Flag character to treat a width as, or 0 if width not used. */
525 const int width_char;
526 /* Flag character to treat a left precision (strfmon) as,
527 or 0 if left precision not used. */
528 const int left_precision_char;
529 /* Flag character to treat a precision (for strfmon, right precision) as,
530 or 0 if precision not used. */
531 const int precision_char;
532 /* If a flag character has the effect of suppressing the conversion of
533 an argument ('*' in scanf), that flag character, otherwise 0. */
534 const int suppression_char;
535 /* Flag character to treat a length modifier as (ignored if length
536 modifiers not used). Need not be placed in flag_chars for conversion
537 specifiers, but is used to check for bad combinations such as length
538 modifier with assignment suppression in scanf. */
539 const int length_code_char;
540 /* Pointer to type of argument expected if '*' is used for a width,
541 or NULL if '*' not used for widths. */
542 tree *const width_type;
543 /* Pointer to type of argument expected if '*' is used for a precision,
544 or NULL if '*' not used for precisions. */
545 tree *const precision_type;
546 const int null_format_ok;
550 /* Structure describing details of a type expected in format checking,
551 and the type to check against it. */
552 typedef struct format_wanted_type
554 /* The type wanted. */
556 /* The name of this type to use in diagnostics. */
557 const char *wanted_type_name;
558 /* The level of indirection through pointers at which this type occurs. */
560 /* Whether, when pointer_count is 1, to allow any character type when
561 pedantic, rather than just the character or void type specified. */
562 int char_lenient_flag;
563 /* Whether the argument, dereferenced once, is written into and so the
564 argument must not be a pointer to a const-qualified type. */
566 /* Whether the argument, dereferenced once, is read from and so
567 must not be a NULL pointer. */
568 int reading_from_flag;
569 /* If warnings should be of the form "field precision is not type int",
570 the name to use (in this case "field precision"), otherwise NULL,
571 for "%s format, %s arg" type messages. If (in an extension), this
572 is a pointer type, wanted_type_name should be set to include the
573 terminating '*' characters of the type name to give a correct
576 /* The actual parameter to check against the wanted type. */
578 /* The argument number of that parameter. */
580 /* The next type to check for this format conversion, or NULL if none. */
581 struct format_wanted_type *next;
582 } format_wanted_type;
585 static const format_length_info printf_length_specs[] =
587 { "h", FMT_LEN_h, STD_C89, "hh", FMT_LEN_hh, STD_C99 },
588 { "l", FMT_LEN_l, STD_C89, "ll", FMT_LEN_ll, STD_C9L },
589 { "q", FMT_LEN_ll, STD_EXT, NULL, 0, 0 },
590 { "L", FMT_LEN_L, STD_C89, NULL, 0, 0 },
591 { "z", FMT_LEN_z, STD_C99, NULL, 0, 0 },
592 { "Z", FMT_LEN_z, STD_EXT, NULL, 0, 0 },
593 { "t", FMT_LEN_t, STD_C99, NULL, 0, 0 },
594 { "j", FMT_LEN_j, STD_C99, NULL, 0, 0 },
595 { NULL, 0, 0, NULL, 0, 0 }
599 /* This differs from printf_length_specs only in that "Z" is not accepted. */
600 static const format_length_info scanf_length_specs[] =
602 { "h", FMT_LEN_h, STD_C89, "hh", FMT_LEN_hh, STD_C99 },
603 { "l", FMT_LEN_l, STD_C89, "ll", FMT_LEN_ll, STD_C9L },
604 { "q", FMT_LEN_ll, STD_EXT, NULL, 0, 0 },
605 { "L", FMT_LEN_L, STD_C89, NULL, 0, 0 },
606 { "z", FMT_LEN_z, STD_C99, NULL, 0, 0 },
607 { "t", FMT_LEN_t, STD_C99, NULL, 0, 0 },
608 { "j", FMT_LEN_j, STD_C99, NULL, 0, 0 },
609 { NULL, 0, 0, NULL, 0, 0 }
613 /* All tables for strfmon use STD_C89 everywhere, since -pedantic warnings
614 make no sense for a format type not part of any C standard version. */
615 static const format_length_info strfmon_length_specs[] =
617 /* A GNU extension. */
618 { "L", FMT_LEN_L, STD_C89, NULL, 0, 0 },
619 { NULL, 0, 0, NULL, 0, 0 }
622 static const format_flag_spec printf_flag_specs[] =
624 { ' ', 0, 0, N_("` ' flag"), N_("the ` ' printf flag"), STD_C89 },
625 { '+', 0, 0, N_("`+' flag"), N_("the `+' printf flag"), STD_C89 },
626 { '#', 0, 0, N_("`#' flag"), N_("the `#' printf flag"), STD_C89 },
627 { '0', 0, 0, N_("`0' flag"), N_("the `0' printf flag"), STD_C89 },
628 { '-', 0, 0, N_("`-' flag"), N_("the `-' printf flag"), STD_C89 },
629 { '\'', 0, 0, N_("`'' flag"), N_("the `'' printf flag"), STD_EXT },
630 { 'I', 0, 0, N_("`I' flag"), N_("the `I' printf flag"), STD_EXT },
631 { 'w', 0, 0, N_("field width"), N_("field width in printf format"), STD_C89 },
632 { 'p', 0, 0, N_("precision"), N_("precision in printf format"), STD_C89 },
633 { 'L', 0, 0, N_("length modifier"), N_("length modifier in printf format"), STD_C89 },
634 { 0, 0, 0, NULL, NULL, 0 }
638 static const format_flag_pair printf_flag_pairs[] =
642 { '0', 'p', 1, 'i' },
647 static const format_flag_spec scanf_flag_specs[] =
649 { '*', 0, 0, N_("assignment suppression"), N_("the assignment suppression scanf feature"), STD_C89 },
650 { 'a', 0, 0, N_("`a' flag"), N_("the `a' scanf flag"), STD_EXT },
651 { 'w', 0, 0, N_("field width"), N_("field width in scanf format"), STD_C89 },
652 { 'L', 0, 0, N_("length modifier"), N_("length modifier in scanf format"), STD_C89 },
653 { '\'', 0, 0, N_("`'' flag"), N_("the `'' scanf flag"), STD_EXT },
654 { 'I', 0, 0, N_("`I' flag"), N_("the `I' scanf flag"), STD_EXT },
655 { 0, 0, 0, NULL, NULL, 0 }
659 static const format_flag_pair scanf_flag_pairs[] =
666 static const format_flag_spec strftime_flag_specs[] =
668 { '_', 0, 0, N_("`_' flag"), N_("the `_' strftime flag"), STD_EXT },
669 { '-', 0, 0, N_("`-' flag"), N_("the `-' strftime flag"), STD_EXT },
670 { '0', 0, 0, N_("`0' flag"), N_("the `0' strftime flag"), STD_EXT },
671 { '^', 0, 0, N_("`^' flag"), N_("the `^' strftime flag"), STD_EXT },
672 { '#', 0, 0, N_("`#' flag"), N_("the `#' strftime flag"), STD_EXT },
673 { 'w', 0, 0, N_("field width"), N_("field width in strftime format"), STD_EXT },
674 { 'E', 0, 0, N_("`E' modifier"), N_("the `E' strftime modifier"), STD_C99 },
675 { 'O', 0, 0, N_("`O' modifier"), N_("the `O' strftime modifier"), STD_C99 },
676 { 'O', 'o', 0, NULL, N_("the `O' modifier"), STD_EXT },
677 { 0, 0, 0, NULL, NULL, 0 }
681 static const format_flag_pair strftime_flag_pairs[] =
692 static const format_flag_spec strfmon_flag_specs[] =
694 { '=', 0, 1, N_("fill character"), N_("fill character in strfmon format"), STD_C89 },
695 { '^', 0, 0, N_("`^' flag"), N_("the `^' strfmon flag"), STD_C89 },
696 { '+', 0, 0, N_("`+' flag"), N_("the `+' strfmon flag"), STD_C89 },
697 { '(', 0, 0, N_("`(' flag"), N_("the `(' strfmon flag"), STD_C89 },
698 { '!', 0, 0, N_("`!' flag"), N_("the `!' strfmon flag"), STD_C89 },
699 { '-', 0, 0, N_("`-' flag"), N_("the `-' strfmon flag"), STD_C89 },
700 { 'w', 0, 0, N_("field width"), N_("field width in strfmon format"), STD_C89 },
701 { '#', 0, 0, N_("left precision"), N_("left precision in strfmon format"), STD_C89 },
702 { 'p', 0, 0, N_("right precision"), N_("right precision in strfmon format"), STD_C89 },
703 { 'L', 0, 0, N_("length modifier"), N_("length modifier in strfmon format"), STD_C89 },
704 { 0, 0, 0, NULL, NULL, 0 }
707 static const format_flag_pair strfmon_flag_pairs[] =
714 #define T_I &integer_type_node
715 #define T89_I { STD_C89, NULL, T_I }
716 #define T99_I { STD_C99, NULL, T_I }
717 #define T_L &long_integer_type_node
718 #define T89_L { STD_C89, NULL, T_L }
719 #define T_LL &long_long_integer_type_node
720 #define T9L_LL { STD_C9L, NULL, T_LL }
721 #define TEX_LL { STD_EXT, NULL, T_LL }
722 #define T_S &short_integer_type_node
723 #define T89_S { STD_C89, NULL, T_S }
724 #define T_UI &unsigned_type_node
725 #define T89_UI { STD_C89, NULL, T_UI }
726 #define T99_UI { STD_C99, NULL, T_UI }
727 #define T_UL &long_unsigned_type_node
728 #define T89_UL { STD_C89, NULL, T_UL }
729 #define T_ULL &long_long_unsigned_type_node
730 #define T9L_ULL { STD_C9L, NULL, T_ULL }
731 #define TEX_ULL { STD_EXT, NULL, T_ULL }
732 #define T_US &short_unsigned_type_node
733 #define T89_US { STD_C89, NULL, T_US }
734 #define T_F &float_type_node
735 #define T89_F { STD_C89, NULL, T_F }
736 #define T99_F { STD_C99, NULL, T_F }
737 #define T_D &double_type_node
738 #define T89_D { STD_C89, NULL, T_D }
739 #define T99_D { STD_C99, NULL, T_D }
740 #define T_LD &long_double_type_node
741 #define T89_LD { STD_C89, NULL, T_LD }
742 #define T99_LD { STD_C99, NULL, T_LD }
743 #define T_C &char_type_node
744 #define T89_C { STD_C89, NULL, T_C }
745 #define T_SC &signed_char_type_node
746 #define T99_SC { STD_C99, NULL, T_SC }
747 #define T_UC &unsigned_char_type_node
748 #define T99_UC { STD_C99, NULL, T_UC }
749 #define T_V &void_type_node
750 #define T89_V { STD_C89, NULL, T_V }
751 #define T_W &wchar_type_node
752 #define T94_W { STD_C94, "wchar_t", T_W }
753 #define TEX_W { STD_EXT, "wchar_t", T_W }
754 #define T_WI &wint_type_node
755 #define T94_WI { STD_C94, "wint_t", T_WI }
756 #define TEX_WI { STD_EXT, "wint_t", T_WI }
757 #define T_ST &c_size_type_node
758 #define T99_ST { STD_C99, "size_t", T_ST }
759 #define T_SST &signed_size_type_node
760 #define T99_SST { STD_C99, "signed size_t", T_SST }
761 #define T_PD &ptrdiff_type_node
762 #define T99_PD { STD_C99, "ptrdiff_t", T_PD }
763 #define T_UPD &unsigned_ptrdiff_type_node
764 #define T99_UPD { STD_C99, "unsigned ptrdiff_t", T_UPD }
765 #define T_IM &intmax_type_node
766 #define T99_IM { STD_C99, "intmax_t", T_IM }
767 #define T_UIM &uintmax_type_node
768 #define T99_UIM { STD_C99, "uintmax_t", T_UIM }
770 static const format_char_info print_char_table[] =
772 /* C89 conversion specifiers. */
773 { "di", 0, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, TEX_LL, T99_SST, T99_PD, T99_IM }, "-wp0 +'I", "i" },
774 { "oxX", 0, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "-wp0#", "i" },
775 { "u", 0, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "-wp0'I", "i" },
776 { "fgG", 0, STD_C89, { T89_D, BADLEN, BADLEN, T99_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#'", "" },
777 { "eE", 0, STD_C89, { T89_D, BADLEN, BADLEN, T99_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#", "" },
778 { "c", 0, STD_C89, { T89_I, BADLEN, BADLEN, T94_WI, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "" },
779 { "s", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "cR" },
780 { "p", 1, STD_C89, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "c" },
781 { "n", 1, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, BADLEN, T99_SST, T99_PD, T99_IM }, "", "W" },
782 /* C99 conversion specifiers. */
783 { "F", 0, STD_C99, { T99_D, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#'", "" },
784 { "aA", 0, STD_C99, { T99_D, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#", "" },
785 /* X/Open conversion specifiers. */
786 { "C", 0, STD_EXT, { TEX_WI, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "" },
787 { "S", 1, STD_EXT, { TEX_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "R" },
788 /* GNU conversion specifiers. */
789 { "m", 0, STD_EXT, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "" },
790 /* BSD conversion specifiers. */
791 /* FreeBSD kernel extensions (src/sys/kern/subr_prf.c).
792 The format %b is supported to decode error registers.
793 Its usage is: printf("reg=%b\n", regval, "<base><arg>*");
794 which produces: reg=3<BITTWO,BITONE>
795 The format %D provides a hexdump given a pointer and separator string:
796 ("%6D", ptr, ":") -> XX:XX:XX:XX:XX:XX
797 ("%*D", len, ptr, " ") -> XX XX XX XX ...
799 { "D", 1, STD_EXT, { T89_C, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "cR" },
800 { "b", 1, STD_EXT, { T89_C, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "" },
801 { "rz", 0, STD_EXT, { T89_I, BADLEN, BADLEN, T89_L, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp0 +#", "i" },
802 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
805 static const format_char_info scan_char_table[] =
807 /* C89 conversion specifiers. */
808 { "di", 1, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, TEX_LL, T99_SST, T99_PD, T99_IM }, "*w'I", "W" },
809 { "u", 1, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "*w'I", "W" },
810 { "oxX", 1, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "*w", "W" },
811 { "efgEG", 1, STD_C89, { T89_F, BADLEN, BADLEN, T89_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "*w'", "W" },
812 { "c", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*w", "cW" },
813 { "s", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*aw", "cW" },
814 { "[", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*aw", "cW[" },
815 { "p", 2, STD_C89, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*w", "W" },
816 { "n", 1, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, BADLEN, T99_SST, T99_PD, T99_IM }, "", "W" },
817 /* C99 conversion specifiers. */
818 { "FaA", 1, STD_C99, { T99_F, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN }, "*w'", "W" },
819 /* X/Open conversion specifiers. */
820 { "C", 1, STD_EXT, { TEX_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*w", "W" },
821 { "S", 1, STD_EXT, { TEX_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*aw", "W" },
822 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
825 static const format_char_info time_char_table[] =
827 /* C89 conversion specifiers. */
828 { "ABZab", 0, STD_C89, NOLENGTHS, "^#", "" },
829 { "cx", 0, STD_C89, NOLENGTHS, "E", "3" },
830 { "HIMSUWdmw", 0, STD_C89, NOLENGTHS, "-_0Ow", "" },
831 { "j", 0, STD_C89, NOLENGTHS, "-_0Ow", "o" },
832 { "p", 0, STD_C89, NOLENGTHS, "#", "" },
833 { "X", 0, STD_C89, NOLENGTHS, "E", "" },
834 { "y", 0, STD_C89, NOLENGTHS, "EO-_0w", "4" },
835 { "Y", 0, STD_C89, NOLENGTHS, "-_0EOw", "o" },
836 { "%", 0, STD_C89, NOLENGTHS, "", "" },
837 /* C99 conversion specifiers. */
838 { "C", 0, STD_C99, NOLENGTHS, "-_0EOw", "o" },
839 { "D", 0, STD_C99, NOLENGTHS, "", "2" },
840 { "eVu", 0, STD_C99, NOLENGTHS, "-_0Ow", "" },
841 { "FRTnrt", 0, STD_C99, NOLENGTHS, "", "" },
842 { "g", 0, STD_C99, NOLENGTHS, "O-_0w", "2o" },
843 { "G", 0, STD_C99, NOLENGTHS, "-_0Ow", "o" },
844 { "h", 0, STD_C99, NOLENGTHS, "^#", "" },
845 { "z", 0, STD_C99, NOLENGTHS, "O", "o" },
846 /* GNU conversion specifiers. */
847 { "kls", 0, STD_EXT, NOLENGTHS, "-_0Ow", "" },
848 { "P", 0, STD_EXT, NOLENGTHS, "", "" },
849 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
852 static const format_char_info monetary_char_table[] =
854 { "in", 0, STD_C89, { T89_D, BADLEN, BADLEN, BADLEN, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "=^+(!-w#p", "" },
855 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
859 /* This must be in the same order as enum format_type. */
860 static const format_kind_info format_types[] =
862 { "printf", printf_length_specs, print_char_table, " +#0-'I", NULL,
863 printf_flag_specs, printf_flag_pairs,
864 FMT_FLAG_ARG_CONVERT|FMT_FLAG_DOLLAR_MULTIPLE|FMT_FLAG_USE_DOLLAR|FMT_FLAG_EMPTY_PREC_OK,
866 &integer_type_node, &integer_type_node, 0
868 { "scanf", scanf_length_specs, scan_char_table, "*'I", NULL,
869 scanf_flag_specs, scanf_flag_pairs,
870 FMT_FLAG_ARG_CONVERT|FMT_FLAG_SCANF_A_KLUDGE|FMT_FLAG_USE_DOLLAR|FMT_FLAG_ZERO_WIDTH_BAD|FMT_FLAG_DOLLAR_GAP_POINTER_OK,
874 { "strftime", NULL, time_char_table, "_-0^#", "EO",
875 strftime_flag_specs, strftime_flag_pairs,
876 FMT_FLAG_FANCY_PERCENT_OK, 'w', 0, 0, 0, 0,
879 { "strfmon", strfmon_length_specs, monetary_char_table, "=^+(!-", NULL,
880 strfmon_flag_specs, strfmon_flag_pairs,
881 FMT_FLAG_ARG_CONVERT, 'w', '#', 'p', 0, 'L',
884 { "printf0", printf_length_specs, print_char_table, " +#0-'I", NULL,
885 printf_flag_specs, printf_flag_pairs,
886 FMT_FLAG_ARG_CONVERT|FMT_FLAG_DOLLAR_MULTIPLE|FMT_FLAG_USE_DOLLAR|FMT_FLAG_EMPTY_PREC_OK,
888 &integer_type_node, &integer_type_node, 1
893 /* Structure detailing the results of checking a format function call
894 where the format expression may be a conditional expression with
895 many leaves resulting from nested conditional expressions. */
898 /* Number of leaves of the format argument that could not be checked
899 as they were not string literals. */
900 int number_non_literal;
901 /* Number of leaves of the format argument that were null pointers or
902 string literals, but had extra format arguments. */
903 int number_extra_args;
904 /* Number of leaves of the format argument that were null pointers or
905 string literals, but had extra format arguments and used $ operand
907 int number_dollar_extra_args;
908 /* Number of leaves of the format argument that were wide string
911 /* Number of leaves of the format argument that were empty strings. */
913 /* Number of leaves of the format argument that were unterminated
915 int number_unterminated;
916 /* Number of leaves of the format argument that were not counted above. */
918 } format_check_results;
920 static void check_format_info PARAMS ((int *, function_format_info *, tree));
921 static void check_format_info_recurse PARAMS ((int *, format_check_results *,
922 function_format_info *, tree,
923 tree, unsigned HOST_WIDE_INT));
924 static void check_format_info_main PARAMS ((int *, format_check_results *,
925 function_format_info *,
926 const char *, int, tree,
927 unsigned HOST_WIDE_INT));
928 static void status_warning PARAMS ((int *, const char *, ...))
931 static void init_dollar_format_checking PARAMS ((int, tree));
932 static int maybe_read_dollar_number PARAMS ((int *, const char **, int,
934 const format_kind_info *));
935 static void finish_dollar_format_checking PARAMS ((int *, format_check_results *, int));
937 static const format_flag_spec *get_flag_spec PARAMS ((const format_flag_spec *,
940 static void check_format_types PARAMS ((int *, format_wanted_type *));
942 /* Decode a format type from a string, returning the type, or
943 format_type_error if not valid, in which case the caller should print an
945 static enum format_type
946 decode_format_type (s)
952 for (i = 0; i < (int) format_type_error; i++)
955 if (!strcmp (s, format_types[i].name))
957 alen = strlen (format_types[i].name);
958 if (slen == alen + 4 && s[0] == '_' && s[1] == '_'
959 && s[slen - 1] == '_' && s[slen - 2] == '_'
960 && !strncmp (s + 2, format_types[i].name, alen))
963 return ((enum format_type) i);
967 /* Check the argument list of a call to printf, scanf, etc.
968 ATTRS are the attributes on the function type.
969 PARAMS is the list of argument values. Also, if -Wmissing-format-attribute,
970 warn for calls to vprintf or vscanf in functions with no such format
971 attribute themselves. */
974 check_function_format (status, attrs, params)
981 /* See if this function has any format attributes. */
982 for (a = attrs; a; a = TREE_CHAIN (a))
984 if (is_attribute_p ("format", TREE_PURPOSE (a)))
987 function_format_info info;
988 decode_format_attr (TREE_VALUE (a), &info, 1);
989 check_format_info (status, &info, params);
990 if (warn_missing_format_attribute && info.first_arg_num == 0
991 && (format_types[info.format_type].flags
992 & (int) FMT_FLAG_ARG_CONVERT))
995 for (c = TYPE_ATTRIBUTES (TREE_TYPE (current_function_decl));
998 if (is_attribute_p ("format", TREE_PURPOSE (c))
999 && (decode_format_type (IDENTIFIER_POINTER
1000 (TREE_VALUE (TREE_VALUE (c))))
1001 == info.format_type))
1005 /* Check if the current function has a parameter to which
1006 the format attribute could be attached; if not, it
1007 can't be a candidate for a format attribute, despite
1008 the vprintf-like or vscanf-like call. */
1010 for (args = DECL_ARGUMENTS (current_function_decl);
1012 args = TREE_CHAIN (args))
1014 if (TREE_CODE (TREE_TYPE (args)) == POINTER_TYPE
1015 && (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (args)))
1020 warning ("function might be possible candidate for `%s' format attribute",
1021 format_types[info.format_type].name);
1028 /* This function replaces `warning' inside the printf format checking
1029 functions. If the `status' parameter is non-NULL, then it is
1030 dereferenced and set to 1 whenever a warning is caught. Otherwise
1031 it warns as usual by replicating the innards of the warning
1032 function from diagnostic.c. */
1034 status_warning VPARAMS ((int *status, const char *msgid, ...))
1036 diagnostic_context dc;
1038 VA_OPEN (ap, msgid);
1039 VA_FIXEDARG (ap, int *, status);
1040 VA_FIXEDARG (ap, const char *, msgid);
1046 /* This duplicates the warning function behavior. */
1047 set_diagnostic_context
1048 (&dc, msgid, &ap, input_filename, lineno, /* warn = */ 1);
1049 report_diagnostic (&dc);
1055 /* Variables used by the checking of $ operand number formats. */
1056 static char *dollar_arguments_used = NULL;
1057 static char *dollar_arguments_pointer_p = NULL;
1058 static int dollar_arguments_alloc = 0;
1059 static int dollar_arguments_count;
1060 static int dollar_first_arg_num;
1061 static int dollar_max_arg_used;
1062 static int dollar_format_warned;
1064 /* Initialize the checking for a format string that may contain $
1065 parameter number specifications; we will need to keep track of whether
1066 each parameter has been used. FIRST_ARG_NUM is the number of the first
1067 argument that is a parameter to the format, or 0 for a vprintf-style
1068 function; PARAMS is the list of arguments starting at this argument. */
1071 init_dollar_format_checking (first_arg_num, params)
1075 tree oparams = params;
1077 dollar_first_arg_num = first_arg_num;
1078 dollar_arguments_count = 0;
1079 dollar_max_arg_used = 0;
1080 dollar_format_warned = 0;
1081 if (first_arg_num > 0)
1085 dollar_arguments_count++;
1086 params = TREE_CHAIN (params);
1089 if (dollar_arguments_alloc < dollar_arguments_count)
1091 if (dollar_arguments_used)
1092 free (dollar_arguments_used);
1093 if (dollar_arguments_pointer_p)
1094 free (dollar_arguments_pointer_p);
1095 dollar_arguments_alloc = dollar_arguments_count;
1096 dollar_arguments_used = xmalloc (dollar_arguments_alloc);
1097 dollar_arguments_pointer_p = xmalloc (dollar_arguments_alloc);
1099 if (dollar_arguments_alloc)
1101 memset (dollar_arguments_used, 0, dollar_arguments_alloc);
1102 if (first_arg_num > 0)
1108 dollar_arguments_pointer_p[i] = (TREE_CODE (TREE_TYPE (TREE_VALUE (params)))
1110 params = TREE_CHAIN (params);
1118 /* Look for a decimal number followed by a $ in *FORMAT. If DOLLAR_NEEDED
1119 is set, it is an error if one is not found; otherwise, it is OK. If
1120 such a number is found, check whether it is within range and mark that
1121 numbered operand as being used for later checking. Returns the operand
1122 number if found and within range, zero if no such number was found and
1123 this is OK, or -1 on error. PARAMS points to the first operand of the
1124 format; PARAM_PTR is made to point to the parameter referred to. If
1125 a $ format is found, *FORMAT is updated to point just after it. */
1128 maybe_read_dollar_number (status, format, dollar_needed, params, param_ptr,
1131 const char **format;
1135 const format_kind_info *fki;
1139 const char *fcp = *format;
1140 if (! ISDIGIT (*fcp))
1144 status_warning (status, "missing $ operand number in format");
1152 while (ISDIGIT (*fcp))
1155 nargnum = 10 * argnum + (*fcp - '0');
1156 if (nargnum < 0 || nargnum / 10 != argnum)
1165 status_warning (status, "missing $ operand number in format");
1172 if (pedantic && !dollar_format_warned)
1174 status_warning (status,
1175 "%s does not support %%n$ operand number formats",
1176 C_STD_NAME (STD_EXT));
1177 dollar_format_warned = 1;
1179 if (overflow_flag || argnum == 0
1180 || (dollar_first_arg_num && argnum > dollar_arguments_count))
1182 status_warning (status, "operand number out of range in format");
1185 if (argnum > dollar_max_arg_used)
1186 dollar_max_arg_used = argnum;
1187 /* For vprintf-style functions we may need to allocate more memory to
1188 track which arguments are used. */
1189 while (dollar_arguments_alloc < dollar_max_arg_used)
1192 nalloc = 2 * dollar_arguments_alloc + 16;
1193 dollar_arguments_used = xrealloc (dollar_arguments_used, nalloc);
1194 dollar_arguments_pointer_p = xrealloc (dollar_arguments_pointer_p,
1196 memset (dollar_arguments_used + dollar_arguments_alloc, 0,
1197 nalloc - dollar_arguments_alloc);
1198 dollar_arguments_alloc = nalloc;
1200 if (!(fki->flags & (int) FMT_FLAG_DOLLAR_MULTIPLE)
1201 && dollar_arguments_used[argnum - 1] == 1)
1203 dollar_arguments_used[argnum - 1] = 2;
1204 status_warning (status,
1205 "format argument %d used more than once in %s format",
1209 dollar_arguments_used[argnum - 1] = 1;
1210 if (dollar_first_arg_num)
1213 *param_ptr = params;
1214 for (i = 1; i < argnum && *param_ptr != 0; i++)
1215 *param_ptr = TREE_CHAIN (*param_ptr);
1217 if (*param_ptr == 0)
1219 /* This case shouldn't be caught here. */
1229 /* Finish the checking for a format string that used $ operand number formats
1230 instead of non-$ formats. We check for unused operands before used ones
1231 (a serious error, since the implementation of the format function
1232 can't know what types to pass to va_arg to find the later arguments).
1233 and for unused operands at the end of the format (if we know how many
1234 arguments the format had, so not for vprintf). If there were operand
1235 numbers out of range on a non-vprintf-style format, we won't have reached
1236 here. If POINTER_GAP_OK, unused arguments are OK if all arguments are
1240 finish_dollar_format_checking (status, res, pointer_gap_ok)
1242 format_check_results *res;
1246 bool found_pointer_gap = false;
1247 for (i = 0; i < dollar_max_arg_used; i++)
1249 if (!dollar_arguments_used[i])
1251 if (pointer_gap_ok && (dollar_first_arg_num == 0
1252 || dollar_arguments_pointer_p[i]))
1253 found_pointer_gap = true;
1255 status_warning (status, "format argument %d unused before used argument %d in $-style format",
1256 i + 1, dollar_max_arg_used);
1259 if (found_pointer_gap
1260 || (dollar_first_arg_num
1261 && dollar_max_arg_used < dollar_arguments_count))
1263 res->number_other--;
1264 res->number_dollar_extra_args++;
1269 /* Retrieve the specification for a format flag. SPEC contains the
1270 specifications for format flags for the applicable kind of format.
1271 FLAG is the flag in question. If PREDICATES is NULL, the basic
1272 spec for that flag must be retrieved and this function aborts if
1273 it cannot be found. If PREDICATES is not NULL, it is a string listing
1274 possible predicates for the spec entry; if an entry predicated on any
1275 of these is found, it is returned, otherwise NULL is returned. */
1277 static const format_flag_spec *
1278 get_flag_spec (spec, flag, predicates)
1279 const format_flag_spec *spec;
1281 const char *predicates;
1284 for (i = 0; spec[i].flag_char != 0; i++)
1286 if (spec[i].flag_char != flag)
1288 if (predicates != NULL)
1290 if (spec[i].predicate != 0
1291 && strchr (predicates, spec[i].predicate) != 0)
1294 else if (spec[i].predicate == 0)
1297 if (predicates == NULL)
1304 /* Check the argument list of a call to printf, scanf, etc.
1305 INFO points to the function_format_info structure.
1306 PARAMS is the list of argument values. */
1309 check_format_info (status, info, params)
1311 function_format_info *info;
1314 unsigned HOST_WIDE_INT arg_num;
1316 format_check_results res;
1317 /* Skip to format argument. If the argument isn't available, there's
1318 no work for us to do; prototype checking will catch the problem. */
1319 for (arg_num = 1; ; ++arg_num)
1323 if (arg_num == info->format_num)
1325 params = TREE_CHAIN (params);
1327 format_tree = TREE_VALUE (params);
1328 params = TREE_CHAIN (params);
1329 if (format_tree == 0)
1332 res.number_non_literal = 0;
1333 res.number_extra_args = 0;
1334 res.number_dollar_extra_args = 0;
1335 res.number_wide = 0;
1336 res.number_empty = 0;
1337 res.number_unterminated = 0;
1338 res.number_other = 0;
1340 check_format_info_recurse (status, &res, info, format_tree, params, arg_num);
1342 if (res.number_non_literal > 0)
1344 /* Functions taking a va_list normally pass a non-literal format
1345 string. These functions typically are declared with
1346 first_arg_num == 0, so avoid warning in those cases. */
1347 if (!(format_types[info->format_type].flags & (int) FMT_FLAG_ARG_CONVERT))
1349 /* For strftime-like formats, warn for not checking the format
1350 string; but there are no arguments to check. */
1351 if (warn_format_nonliteral)
1352 status_warning (status, "format not a string literal, format string not checked");
1354 else if (info->first_arg_num != 0)
1356 /* If there are no arguments for the format at all, we may have
1357 printf (foo) which is likely to be a security hole. */
1358 while (arg_num + 1 < info->first_arg_num)
1362 params = TREE_CHAIN (params);
1365 if (params == 0 && (warn_format_nonliteral || warn_format_security))
1366 status_warning (status, "format not a string literal and no format arguments");
1367 else if (warn_format_nonliteral)
1368 status_warning (status, "format not a string literal, argument types not checked");
1372 /* If there were extra arguments to the format, normally warn. However,
1373 the standard does say extra arguments are ignored, so in the specific
1374 case where we have multiple leaves (conditional expressions or
1375 ngettext) allow extra arguments if at least one leaf didn't have extra
1376 arguments, but was otherwise OK (either non-literal or checked OK).
1377 If the format is an empty string, this should be counted similarly to the
1378 case of extra format arguments. */
1379 if (res.number_extra_args > 0 && res.number_non_literal == 0
1380 && res.number_other == 0 && warn_format_extra_args)
1381 status_warning (status, "too many arguments for format");
1382 if (res.number_dollar_extra_args > 0 && res.number_non_literal == 0
1383 && res.number_other == 0 && warn_format_extra_args)
1384 status_warning (status, "unused arguments in $-style format");
1385 if (res.number_empty > 0 && res.number_non_literal == 0
1386 && res.number_other == 0)
1387 status_warning (status, "zero-length format string");
1389 if (res.number_wide > 0)
1390 status_warning (status, "format is a wide character string");
1392 if (res.number_unterminated > 0)
1393 status_warning (status, "unterminated format string");
1397 /* Recursively check a call to a format function. FORMAT_TREE is the
1398 format parameter, which may be a conditional expression in which
1399 both halves should be checked. ARG_NUM is the number of the
1400 format argument; PARAMS points just after it in the argument list. */
1403 check_format_info_recurse (status, res, info, format_tree, params, arg_num)
1405 format_check_results *res;
1406 function_format_info *info;
1409 unsigned HOST_WIDE_INT arg_num;
1412 HOST_WIDE_INT offset;
1413 const char *format_chars;
1414 tree array_size = 0;
1417 if (TREE_CODE (format_tree) == NOP_EXPR)
1419 /* Strip coercion. */
1420 check_format_info_recurse (status, res, info,
1421 TREE_OPERAND (format_tree, 0), params,
1426 if (TREE_CODE (format_tree) == CALL_EXPR)
1428 tree type = TREE_TYPE (TREE_TYPE (TREE_OPERAND (format_tree, 0)));
1430 bool found_format_arg = false;
1432 /* See if this is a call to a known internationalization function
1433 that modifies the format arg. Such a function may have multiple
1434 format_arg attributes (for example, ngettext). */
1436 for (attrs = TYPE_ATTRIBUTES (type);
1438 attrs = TREE_CHAIN (attrs))
1439 if (is_attribute_p ("format_arg", TREE_PURPOSE (attrs)))
1442 tree format_num_expr;
1446 /* Extract the argument number, which was previously checked
1448 format_num_expr = TREE_VALUE (TREE_VALUE (attrs));
1449 while (TREE_CODE (format_num_expr) == NOP_EXPR
1450 || TREE_CODE (format_num_expr) == CONVERT_EXPR
1451 || TREE_CODE (format_num_expr) == NON_LVALUE_EXPR)
1452 format_num_expr = TREE_OPERAND (format_num_expr, 0);
1454 if (TREE_CODE (format_num_expr) != INTEGER_CST
1455 || TREE_INT_CST_HIGH (format_num_expr) != 0)
1458 format_num = TREE_INT_CST_LOW (format_num_expr);
1460 for (inner_args = TREE_OPERAND (format_tree, 1), i = 1;
1462 inner_args = TREE_CHAIN (inner_args), i++)
1463 if (i == format_num)
1465 check_format_info_recurse (status, res, info,
1466 TREE_VALUE (inner_args), params,
1468 found_format_arg = true;
1473 /* If we found a format_arg attribute and did a recursive check,
1474 we are done with checking this format string. Otherwise, we
1475 continue and this will count as a non-literal format string. */
1476 if (found_format_arg)
1480 if (TREE_CODE (format_tree) == COND_EXPR)
1482 /* Check both halves of the conditional expression. */
1483 check_format_info_recurse (status, res, info,
1484 TREE_OPERAND (format_tree, 1), params,
1486 check_format_info_recurse (status, res, info,
1487 TREE_OPERAND (format_tree, 2), params,
1492 if (integer_zerop (format_tree))
1494 /* FIXME: this warning should go away once Marc Espie's
1495 __attribute__((nonnull)) patch is in. Instead, checking for
1496 nonnull attributes should probably change this function to act
1497 specially if info == NULL and add a res->number_null entry for
1498 that case, or maybe add a function pointer to be called at
1499 the end instead of hardcoding check_format_info_main. */
1500 if (!format_types[info->format_type].null_format_ok)
1501 status_warning (status, "null format string");
1503 /* Skip to first argument to check, so we can see if this format
1504 has any arguments (it shouldn't). */
1505 while (arg_num + 1 < info->first_arg_num)
1509 params = TREE_CHAIN (params);
1514 res->number_other++;
1516 res->number_extra_args++;
1522 if (TREE_CODE (format_tree) == PLUS_EXPR)
1526 arg0 = TREE_OPERAND (format_tree, 0);
1527 arg1 = TREE_OPERAND (format_tree, 1);
1530 if (TREE_CODE (arg1) == INTEGER_CST)
1532 else if (TREE_CODE (arg0) == INTEGER_CST)
1539 res->number_non_literal++;
1542 if (!host_integerp (arg1, 0)
1543 || (offset = tree_low_cst (arg1, 0)) < 0)
1545 res->number_non_literal++;
1549 if (TREE_CODE (format_tree) != ADDR_EXPR)
1551 res->number_non_literal++;
1554 format_tree = TREE_OPERAND (format_tree, 0);
1555 if (TREE_CODE (format_tree) == VAR_DECL
1556 && TREE_CODE (TREE_TYPE (format_tree)) == ARRAY_TYPE
1557 && (array_init = decl_constant_value (format_tree)) != format_tree
1558 && TREE_CODE (array_init) == STRING_CST)
1560 /* Extract the string constant initializer. Note that this may include
1561 a trailing NUL character that is not in the array (e.g.
1562 const char a[3] = "foo";). */
1563 array_size = DECL_SIZE_UNIT (format_tree);
1564 format_tree = array_init;
1566 if (TREE_CODE (format_tree) != STRING_CST)
1568 res->number_non_literal++;
1571 if (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (format_tree))) != char_type_node)
1576 format_chars = TREE_STRING_POINTER (format_tree);
1577 format_length = TREE_STRING_LENGTH (format_tree);
1578 if (array_size != 0)
1580 /* Variable length arrays can't be initialized. */
1581 if (TREE_CODE (array_size) != INTEGER_CST)
1583 if (host_integerp (array_size, 0))
1585 HOST_WIDE_INT array_size_value = TREE_INT_CST_LOW (array_size);
1586 if (array_size_value > 0
1587 && array_size_value == (int) array_size_value
1588 && format_length > array_size_value)
1589 format_length = array_size_value;
1594 if (offset >= format_length)
1596 res->number_non_literal++;
1599 format_chars += offset;
1600 format_length -= offset;
1602 if (format_length < 1)
1604 res->number_unterminated++;
1607 if (format_length == 1)
1609 res->number_empty++;
1612 if (format_chars[--format_length] != 0)
1614 res->number_unterminated++;
1618 /* Skip to first argument to check. */
1619 while (arg_num + 1 < info->first_arg_num)
1623 params = TREE_CHAIN (params);
1626 /* Provisionally increment res->number_other; check_format_info_main
1627 will decrement it if it finds there are extra arguments, but this way
1628 need not adjust it for every return. */
1629 res->number_other++;
1630 check_format_info_main (status, res, info, format_chars, format_length,
1635 /* Do the main part of checking a call to a format function. FORMAT_CHARS
1636 is the NUL-terminated format string (which at this point may contain
1637 internal NUL characters); FORMAT_LENGTH is its length (excluding the
1638 terminating NUL character). ARG_NUM is one less than the number of
1639 the first format argument to check; PARAMS points to that format
1640 argument in the list of arguments. */
1643 check_format_info_main (status, res, info, format_chars, format_length,
1646 format_check_results *res;
1647 function_format_info *info;
1648 const char *format_chars;
1651 unsigned HOST_WIDE_INT arg_num;
1653 const char *orig_format_chars = format_chars;
1654 tree first_fillin_param = params;
1656 const format_kind_info *fki = &format_types[info->format_type];
1657 const format_flag_spec *flag_specs = fki->flag_specs;
1658 const format_flag_pair *bad_flag_pairs = fki->bad_flag_pairs;
1660 /* -1 if no conversions taking an operand have been found; 0 if one has
1661 and it didn't use $; 1 if $ formats are in use. */
1662 int has_operand_number = -1;
1664 init_dollar_format_checking (info->first_arg_num, first_fillin_param);
1669 int suppressed = FALSE;
1670 const char *length_chars = NULL;
1671 enum format_lengths length_chars_val = FMT_LEN_none;
1672 enum format_std_version length_chars_std = STD_C89;
1676 int main_arg_num = 0;
1677 tree main_arg_params = 0;
1678 enum format_std_version wanted_type_std;
1679 const char *wanted_type_name;
1680 format_wanted_type width_wanted_type;
1681 format_wanted_type precision_wanted_type;
1682 format_wanted_type main_wanted_type;
1683 format_wanted_type *first_wanted_type = NULL;
1684 format_wanted_type *last_wanted_type = NULL;
1685 const format_length_info *fli = NULL;
1686 const format_char_info *fci = NULL;
1687 char flag_chars[256];
1689 if (*format_chars == 0)
1691 if (format_chars - orig_format_chars != format_length)
1692 status_warning (status, "embedded `\\0' in format");
1693 if (info->first_arg_num != 0 && params != 0
1694 && has_operand_number <= 0)
1696 res->number_other--;
1697 res->number_extra_args++;
1699 if (has_operand_number > 0)
1700 finish_dollar_format_checking (status, res, fki->flags & (int) FMT_FLAG_DOLLAR_GAP_POINTER_OK);
1703 if (*format_chars++ != '%')
1705 if (*format_chars == 0)
1707 status_warning (status, "spurious trailing `%%' in format");
1710 if (*format_chars == '%')
1717 if ((fki->flags & (int) FMT_FLAG_USE_DOLLAR) && has_operand_number != 0)
1719 /* Possibly read a $ operand number at the start of the format.
1720 If one was previously used, one is required here. If one
1721 is not used here, we can't immediately conclude this is a
1722 format without them, since it could be printf %m or scanf %*. */
1724 opnum = maybe_read_dollar_number (status, &format_chars, 0,
1726 &main_arg_params, fki);
1731 has_operand_number = 1;
1732 main_arg_num = opnum + info->first_arg_num - 1;
1736 /* Read any format flags, but do not yet validate them beyond removing
1737 duplicates, since in general validation depends on the rest of
1739 while (*format_chars != 0
1740 && strchr (fki->flag_chars, *format_chars) != 0)
1742 const format_flag_spec *s = get_flag_spec (flag_specs,
1743 *format_chars, NULL);
1744 if (strchr (flag_chars, *format_chars) != 0)
1746 status_warning (status, "repeated %s in format", _(s->name));
1750 i = strlen (flag_chars);
1751 flag_chars[i++] = *format_chars;
1754 if (s->skip_next_char)
1757 if (*format_chars == 0)
1759 status_warning (status, "missing fill character at end of strfmon format");
1766 /* Read any format width, possibly * or *m$. */
1767 if (fki->width_char != 0)
1769 if (fki->width_type != NULL && *format_chars == '*')
1771 i = strlen (flag_chars);
1772 flag_chars[i++] = fki->width_char;
1774 /* "...a field width...may be indicated by an asterisk.
1775 In this case, an int argument supplies the field width..." */
1779 status_warning (status, "too few arguments for format");
1782 if (has_operand_number != 0)
1785 opnum = maybe_read_dollar_number (status, &format_chars,
1786 has_operand_number == 1,
1793 has_operand_number = 1;
1794 arg_num = opnum + info->first_arg_num - 1;
1797 has_operand_number = 0;
1799 if (info->first_arg_num != 0)
1801 cur_param = TREE_VALUE (params);
1802 if (has_operand_number <= 0)
1804 params = TREE_CHAIN (params);
1807 width_wanted_type.wanted_type = *fki->width_type;
1808 width_wanted_type.wanted_type_name = NULL;
1809 width_wanted_type.pointer_count = 0;
1810 width_wanted_type.char_lenient_flag = 0;
1811 width_wanted_type.writing_in_flag = 0;
1812 width_wanted_type.reading_from_flag = 0;
1813 width_wanted_type.name = _("field width");
1814 width_wanted_type.param = cur_param;
1815 width_wanted_type.arg_num = arg_num;
1816 width_wanted_type.next = NULL;
1817 if (last_wanted_type != 0)
1818 last_wanted_type->next = &width_wanted_type;
1819 if (first_wanted_type == 0)
1820 first_wanted_type = &width_wanted_type;
1821 last_wanted_type = &width_wanted_type;
1826 /* Possibly read a numeric width. If the width is zero,
1827 we complain if appropriate. */
1828 int non_zero_width_char = FALSE;
1829 int found_width = FALSE;
1830 while (ISDIGIT (*format_chars))
1833 if (*format_chars != '0')
1834 non_zero_width_char = TRUE;
1837 if (found_width && !non_zero_width_char &&
1838 (fki->flags & (int) FMT_FLAG_ZERO_WIDTH_BAD))
1839 status_warning (status, "zero width in %s format",
1843 i = strlen (flag_chars);
1844 flag_chars[i++] = fki->width_char;
1850 /* Read any format left precision (must be a number, not *). */
1851 if (fki->left_precision_char != 0 && *format_chars == '#')
1854 i = strlen (flag_chars);
1855 flag_chars[i++] = fki->left_precision_char;
1857 if (!ISDIGIT (*format_chars))
1858 status_warning (status, "empty left precision in %s format",
1860 while (ISDIGIT (*format_chars))
1864 /* Read any format precision, possibly * or *m$. */
1865 if (fki->precision_char != 0 && *format_chars == '.')
1868 i = strlen (flag_chars);
1869 flag_chars[i++] = fki->precision_char;
1871 if (fki->precision_type != NULL && *format_chars == '*')
1873 /* "...a...precision...may be indicated by an asterisk.
1874 In this case, an int argument supplies the...precision." */
1876 if (has_operand_number != 0)
1879 opnum = maybe_read_dollar_number (status, &format_chars,
1880 has_operand_number == 1,
1887 has_operand_number = 1;
1888 arg_num = opnum + info->first_arg_num - 1;
1891 has_operand_number = 0;
1893 if (info->first_arg_num != 0)
1897 status_warning (status, "too few arguments for format");
1900 cur_param = TREE_VALUE (params);
1901 if (has_operand_number <= 0)
1903 params = TREE_CHAIN (params);
1906 precision_wanted_type.wanted_type = *fki->precision_type;
1907 precision_wanted_type.wanted_type_name = NULL;
1908 precision_wanted_type.pointer_count = 0;
1909 precision_wanted_type.char_lenient_flag = 0;
1910 precision_wanted_type.writing_in_flag = 0;
1911 precision_wanted_type.reading_from_flag = 0;
1912 precision_wanted_type.name = _("field precision");
1913 precision_wanted_type.param = cur_param;
1914 precision_wanted_type.arg_num = arg_num;
1915 precision_wanted_type.next = NULL;
1916 if (last_wanted_type != 0)
1917 last_wanted_type->next = &precision_wanted_type;
1918 if (first_wanted_type == 0)
1919 first_wanted_type = &precision_wanted_type;
1920 last_wanted_type = &precision_wanted_type;
1925 if (!(fki->flags & (int) FMT_FLAG_EMPTY_PREC_OK)
1926 && !ISDIGIT (*format_chars))
1927 status_warning (status, "empty precision in %s format",
1929 while (ISDIGIT (*format_chars))
1934 /* Read any length modifier, if this kind of format has them. */
1935 fli = fki->length_char_specs;
1936 length_chars = NULL;
1937 length_chars_val = FMT_LEN_none;
1938 length_chars_std = STD_C89;
1941 while (fli->name != 0 && fli->name[0] != *format_chars)
1946 if (fli->double_name != 0 && fli->name[0] == *format_chars)
1949 length_chars = fli->double_name;
1950 length_chars_val = fli->double_index;
1951 length_chars_std = fli->double_std;
1955 length_chars = fli->name;
1956 length_chars_val = fli->index;
1957 length_chars_std = fli->std;
1959 i = strlen (flag_chars);
1960 flag_chars[i++] = fki->length_code_char;
1965 /* Warn if the length modifier is non-standard. */
1966 if (ADJ_STD (length_chars_std) > C_STD_VER)
1967 status_warning (status, "%s does not support the `%s' %s length modifier",
1968 C_STD_NAME (length_chars_std), length_chars,
1973 /* Read any modifier (strftime E/O). */
1974 if (fki->modifier_chars != NULL)
1976 while (*format_chars != 0
1977 && strchr (fki->modifier_chars, *format_chars) != 0)
1979 if (strchr (flag_chars, *format_chars) != 0)
1981 const format_flag_spec *s = get_flag_spec (flag_specs,
1982 *format_chars, NULL);
1983 status_warning (status, "repeated %s in format", _(s->name));
1987 i = strlen (flag_chars);
1988 flag_chars[i++] = *format_chars;
1995 /* Handle the scanf allocation kludge. */
1996 if (fki->flags & (int) FMT_FLAG_SCANF_A_KLUDGE)
1998 if (*format_chars == 'a' && !flag_isoc99)
2000 if (format_chars[1] == 's' || format_chars[1] == 'S'
2001 || format_chars[1] == '[')
2003 /* `a' is used as a flag. */
2004 i = strlen (flag_chars);
2005 flag_chars[i++] = 'a';
2012 if (*format_chars == 'b')
2014 /* There should be an int arg to control the string arg. */
2017 status_warning (status, "too few arguments for format");
2020 if (info->first_arg_num != 0)
2022 cur_param = TREE_VALUE (params);
2023 params = TREE_CHAIN (params);
2025 if ((TYPE_MAIN_VARIANT (TREE_TYPE (cur_param))
2026 != integer_type_node)
2028 (TYPE_MAIN_VARIANT (TREE_TYPE (cur_param))
2029 != unsigned_type_node))
2031 status_warning (status, "bitmap is not type int (arg %d)",
2036 if (*format_chars == 'D')
2038 /* There should be an unsigned char * arg before the string arg. */
2041 status_warning (status, "too few arguments for format");
2044 if (info->first_arg_num != 0)
2048 cur_param = TREE_VALUE (params);
2049 params = TREE_CHAIN (params);
2051 cur_type = TREE_TYPE (cur_param);
2052 if (TREE_CODE (cur_type) != POINTER_TYPE
2053 || TYPE_MAIN_VARIANT (TREE_TYPE (cur_type))
2054 != unsigned_char_type_node)
2056 status_warning (status,
2057 "ethernet address is not type unsigned char * (arg %d)",
2063 format_char = *format_chars;
2064 if (format_char == 0
2065 || (!(fki->flags & (int) FMT_FLAG_FANCY_PERCENT_OK)
2066 && format_char == '%'))
2068 status_warning (status, "conversion lacks type at end of format");
2072 fci = fki->conversion_specs;
2073 while (fci->format_chars != 0
2074 && strchr (fci->format_chars, format_char) == 0)
2076 if (fci->format_chars == 0)
2078 if (ISGRAPH(format_char))
2079 status_warning (status, "unknown conversion type character `%c' in format",
2082 status_warning (status, "unknown conversion type character 0x%x in format",
2088 if (ADJ_STD (fci->std) > C_STD_VER)
2089 status_warning (status, "%s does not support the `%%%c' %s format",
2090 C_STD_NAME (fci->std), format_char, fki->name);
2093 /* Validate the individual flags used, removing any that are invalid. */
2096 for (i = 0; flag_chars[i] != 0; i++)
2098 const format_flag_spec *s = get_flag_spec (flag_specs,
2099 flag_chars[i], NULL);
2100 flag_chars[i - d] = flag_chars[i];
2101 if (flag_chars[i] == fki->length_code_char)
2103 if (strchr (fci->flag_chars, flag_chars[i]) == 0)
2105 status_warning (status, "%s used with `%%%c' %s format",
2106 _(s->name), format_char, fki->name);
2112 const format_flag_spec *t;
2113 if (ADJ_STD (s->std) > C_STD_VER)
2114 status_warning (status, "%s does not support %s",
2115 C_STD_NAME (s->std), _(s->long_name));
2116 t = get_flag_spec (flag_specs, flag_chars[i], fci->flags2);
2117 if (t != NULL && ADJ_STD (t->std) > ADJ_STD (s->std))
2119 const char *long_name = (t->long_name != NULL
2122 if (ADJ_STD (t->std) > C_STD_VER)
2123 status_warning (status, "%s does not support %s with the `%%%c' %s format",
2124 C_STD_NAME (t->std), _(long_name),
2125 format_char, fki->name);
2129 flag_chars[i - d] = 0;
2132 if ((fki->flags & (int) FMT_FLAG_SCANF_A_KLUDGE)
2133 && strchr (flag_chars, 'a') != 0)
2136 if (fki->suppression_char
2137 && strchr (flag_chars, fki->suppression_char) != 0)
2140 /* Validate the pairs of flags used. */
2141 for (i = 0; bad_flag_pairs[i].flag_char1 != 0; i++)
2143 const format_flag_spec *s, *t;
2144 if (strchr (flag_chars, bad_flag_pairs[i].flag_char1) == 0)
2146 if (strchr (flag_chars, bad_flag_pairs[i].flag_char2) == 0)
2148 if (bad_flag_pairs[i].predicate != 0
2149 && strchr (fci->flags2, bad_flag_pairs[i].predicate) == 0)
2151 s = get_flag_spec (flag_specs, bad_flag_pairs[i].flag_char1, NULL);
2152 t = get_flag_spec (flag_specs, bad_flag_pairs[i].flag_char2, NULL);
2153 if (bad_flag_pairs[i].ignored)
2155 if (bad_flag_pairs[i].predicate != 0)
2156 status_warning (status, "%s ignored with %s and `%%%c' %s format",
2157 _(s->name), _(t->name), format_char,
2160 status_warning (status, "%s ignored with %s in %s format",
2161 _(s->name), _(t->name), fki->name);
2165 if (bad_flag_pairs[i].predicate != 0)
2166 status_warning (status, "use of %s and %s together with `%%%c' %s format",
2167 _(s->name), _(t->name), format_char,
2170 status_warning (status, "use of %s and %s together in %s format",
2171 _(s->name), _(t->name), fki->name);
2175 /* Give Y2K warnings. */
2176 if (warn_format_y2k)
2179 if (strchr (fci->flags2, '4') != 0)
2180 if (strchr (flag_chars, 'E') != 0)
2184 else if (strchr (fci->flags2, '3') != 0)
2186 else if (strchr (fci->flags2, '2') != 0)
2189 status_warning (status, "`%%%c' yields only last 2 digits of year in some locales on non-BSD systems",
2191 else if (y2k_level == 2)
2192 status_warning (status, "`%%%c' yields only last 2 digits of year", format_char);
2195 if (strchr (fci->flags2, '[') != 0)
2197 /* Skip over scan set, in case it happens to have '%' in it. */
2198 if (*format_chars == '^')
2200 /* Find closing bracket; if one is hit immediately, then
2201 it's part of the scan set rather than a terminator. */
2202 if (*format_chars == ']')
2204 while (*format_chars && *format_chars != ']')
2206 if (*format_chars != ']')
2207 /* The end of the format string was reached. */
2208 status_warning (status, "no closing `]' for `%%[' format");
2212 wanted_type_name = 0;
2213 if (fki->flags & (int) FMT_FLAG_ARG_CONVERT)
2215 wanted_type = (fci->types[length_chars_val].type
2216 ? *fci->types[length_chars_val].type : 0);
2217 wanted_type_name = fci->types[length_chars_val].name;
2218 wanted_type_std = fci->types[length_chars_val].std;
2219 if (wanted_type == 0)
2221 status_warning (status, "use of `%s' length modifier with `%c' type character",
2222 length_chars, format_char);
2223 /* Heuristic: skip one argument when an invalid length/type
2224 combination is encountered. */
2228 status_warning (status, "too few arguments for format");
2231 params = TREE_CHAIN (params);
2235 /* Warn if non-standard, provided it is more non-standard
2236 than the length and type characters that may already
2237 have been warned for. */
2238 && ADJ_STD (wanted_type_std) > ADJ_STD (length_chars_std)
2239 && ADJ_STD (wanted_type_std) > ADJ_STD (fci->std))
2241 if (ADJ_STD (wanted_type_std) > C_STD_VER)
2242 status_warning (status, "%s does not support the `%%%s%c' %s format",
2243 C_STD_NAME (wanted_type_std), length_chars,
2244 format_char, fki->name);
2248 /* Finally. . .check type of argument against desired type! */
2249 if (info->first_arg_num == 0)
2251 if ((fci->pointer_count == 0 && wanted_type == void_type_node)
2254 if (main_arg_num != 0)
2257 status_warning (status, "operand number specified with suppressed assignment");
2259 status_warning (status, "operand number specified for format taking no argument");
2264 if (main_arg_num != 0)
2266 arg_num = main_arg_num;
2267 params = main_arg_params;
2272 if (has_operand_number > 0)
2274 status_warning (status, "missing $ operand number in format");
2278 has_operand_number = 0;
2281 status_warning (status, "too few arguments for format");
2285 cur_param = TREE_VALUE (params);
2286 params = TREE_CHAIN (params);
2287 main_wanted_type.wanted_type = wanted_type;
2288 main_wanted_type.wanted_type_name = wanted_type_name;
2289 main_wanted_type.pointer_count = fci->pointer_count + aflag;
2290 main_wanted_type.char_lenient_flag = 0;
2291 if (strchr (fci->flags2, 'c') != 0)
2292 main_wanted_type.char_lenient_flag = 1;
2293 main_wanted_type.writing_in_flag = 0;
2294 main_wanted_type.reading_from_flag = 0;
2296 main_wanted_type.writing_in_flag = 1;
2299 if (strchr (fci->flags2, 'W') != 0)
2300 main_wanted_type.writing_in_flag = 1;
2301 if (strchr (fci->flags2, 'R') != 0)
2302 main_wanted_type.reading_from_flag = 1;
2304 main_wanted_type.name = NULL;
2305 main_wanted_type.param = cur_param;
2306 main_wanted_type.arg_num = arg_num;
2307 main_wanted_type.next = NULL;
2308 if (last_wanted_type != 0)
2309 last_wanted_type->next = &main_wanted_type;
2310 if (first_wanted_type == 0)
2311 first_wanted_type = &main_wanted_type;
2312 last_wanted_type = &main_wanted_type;
2315 if (first_wanted_type != 0)
2316 check_format_types (status, first_wanted_type);
2322 /* Check the argument types from a single format conversion (possibly
2323 including width and precision arguments). */
2325 check_format_types (status, types)
2327 format_wanted_type *types;
2329 for (; types != 0; types = types->next)
2339 cur_param = types->param;
2340 cur_type = TREE_TYPE (cur_param);
2341 if (cur_type == error_mark_node)
2344 wanted_type = types->wanted_type;
2345 arg_num = types->arg_num;
2347 /* The following should not occur here. */
2348 if (wanted_type == 0)
2350 if (wanted_type == void_type_node && types->pointer_count == 0)
2353 if (types->pointer_count == 0)
2355 promoted_type = simple_type_promotes_to (wanted_type);
2356 if (promoted_type != NULL_TREE)
2357 wanted_type = promoted_type;
2360 STRIP_NOPS (cur_param);
2362 /* Check the types of any additional pointer arguments
2363 that precede the "real" argument. */
2364 for (i = 0; i < types->pointer_count; ++i)
2366 if (TREE_CODE (cur_type) == POINTER_TYPE)
2368 cur_type = TREE_TYPE (cur_type);
2369 if (cur_type == error_mark_node)
2372 /* Check for writing through a NULL pointer. */
2373 if (types->writing_in_flag
2376 && integer_zerop (cur_param))
2377 status_warning (status,
2378 "writing through null pointer (arg %d)",
2381 /* Check for reading through a NULL pointer. */
2382 if (types->reading_from_flag
2385 && integer_zerop (cur_param))
2386 status_warning (status,
2387 "reading through null pointer (arg %d)",
2390 if (cur_param != 0 && TREE_CODE (cur_param) == ADDR_EXPR)
2391 cur_param = TREE_OPERAND (cur_param, 0);
2395 /* See if this is an attempt to write into a const type with
2396 scanf or with printf "%n". Note: the writing in happens
2397 at the first indirection only, if for example
2398 void * const * is passed to scanf %p; passing
2399 const void ** is simply passing an incompatible type. */
2400 if (types->writing_in_flag
2402 && (TYPE_READONLY (cur_type)
2404 && (TREE_CODE_CLASS (TREE_CODE (cur_param)) == 'c'
2405 || (DECL_P (cur_param)
2406 && TREE_READONLY (cur_param))))))
2407 status_warning (status, "writing into constant object (arg %d)", arg_num);
2409 /* If there are extra type qualifiers beyond the first
2410 indirection, then this makes the types technically
2414 && (TYPE_READONLY (cur_type)
2415 || TYPE_VOLATILE (cur_type)
2416 || TYPE_RESTRICT (cur_type)))
2417 status_warning (status, "extra type qualifiers in format argument (arg %d)",
2423 if (types->pointer_count == 1)
2424 status_warning (status, "format argument is not a pointer (arg %d)", arg_num);
2426 status_warning (status, "format argument is not a pointer to a pointer (arg %d)", arg_num);
2431 if (i < types->pointer_count)
2434 orig_cur_type = cur_type;
2435 cur_type = TYPE_MAIN_VARIANT (cur_type);
2437 /* Check whether the argument type is a character type. This leniency
2438 only applies to certain formats, flagged with 'c'.
2440 if (types->char_lenient_flag)
2441 char_type_flag = (cur_type == char_type_node
2442 || cur_type == signed_char_type_node
2443 || cur_type == unsigned_char_type_node);
2445 /* Check the type of the "real" argument, if there's a type we want. */
2446 if (wanted_type == cur_type)
2448 /* If we want `void *', allow any pointer type.
2449 (Anything else would already have got a warning.)
2450 With -pedantic, only allow pointers to void and to character
2452 if (wanted_type == void_type_node
2453 && (!pedantic || (i == 1 && char_type_flag)))
2455 /* Don't warn about differences merely in signedness, unless
2456 -pedantic. With -pedantic, warn if the type is a pointer
2457 target and not a character type, and for character types at
2458 a second level of indirection. */
2459 if (TREE_CODE (wanted_type) == INTEGER_TYPE
2460 && TREE_CODE (cur_type) == INTEGER_TYPE
2461 && (! pedantic || i == 0 || (i == 1 && char_type_flag))
2462 && (TREE_UNSIGNED (wanted_type)
2463 ? wanted_type == unsigned_type (cur_type)
2464 : wanted_type == signed_type (cur_type)))
2466 /* Likewise, "signed char", "unsigned char" and "char" are
2467 equivalent but the above test won't consider them equivalent. */
2468 if (wanted_type == char_type_node
2469 && (! pedantic || i < 2)
2472 /* Now we have a type mismatch. */
2477 this = IDENTIFIER_POINTER (DECL_NAME (TYPE_NAME (wanted_type)));
2479 if (TYPE_NAME (orig_cur_type) != 0
2480 && TREE_CODE (orig_cur_type) != INTEGER_TYPE
2481 && !(TREE_CODE (orig_cur_type) == POINTER_TYPE
2482 && TREE_CODE (TREE_TYPE (orig_cur_type)) == INTEGER_TYPE))
2484 if (TREE_CODE (TYPE_NAME (orig_cur_type)) == TYPE_DECL
2485 && DECL_NAME (TYPE_NAME (orig_cur_type)) != 0)
2486 that = IDENTIFIER_POINTER (DECL_NAME (TYPE_NAME (orig_cur_type)));
2488 that = IDENTIFIER_POINTER (TYPE_NAME (orig_cur_type));
2491 /* A nameless type can't possibly match what the format wants.
2492 So there will be a warning for it.
2493 Make up a string to describe vaguely what it is. */
2496 if (TREE_CODE (orig_cur_type) == POINTER_TYPE)
2497 that = _("pointer");
2499 that = _("different type");
2502 /* Make the warning better in case of mismatch of int vs long. */
2503 if (TREE_CODE (orig_cur_type) == INTEGER_TYPE
2504 && TREE_CODE (wanted_type) == INTEGER_TYPE
2505 && TYPE_PRECISION (orig_cur_type) == TYPE_PRECISION (wanted_type)
2506 && TYPE_NAME (orig_cur_type) != 0
2507 && TREE_CODE (TYPE_NAME (orig_cur_type)) == TYPE_DECL)
2508 that = IDENTIFIER_POINTER (DECL_NAME (TYPE_NAME (orig_cur_type)));
2510 if (strcmp (this, that) != 0)
2512 /* There may be a better name for the format, e.g. size_t,
2513 but we should allow for programs with a perverse typedef
2514 making size_t something other than what the compiler
2516 if (types->wanted_type_name != 0
2517 && strcmp (types->wanted_type_name, that) != 0)
2518 this = types->wanted_type_name;
2519 if (types->name != 0)
2520 status_warning (status, "%s is not type %s (arg %d)", types->name, this,
2523 status_warning (status, "%s format, %s arg (arg %d)", this, that, arg_num);