c-common.c (check_format_info): Warn for non-constant format strings with strftime...

	* c-common.c (check_format_info): Warn for non-constant format
	strings with strftime formats if -Wformat-nonliteral.  Where the
	format can convert arguments, if the format is not a string
	literal and there are no arguments to the format, give a different
	warning message from the general non-string-literal case.

testsuite:
	* gcc.dg/format-nonlit-3.c: New test.

From-SVN: r38105

diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index 2119c93a63399d3549d9dd16f80f9b54c66e2b10..ab777ca90b2aea52994975a229db227a4a405fb4 100644 (file)
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,11 @@
+2000-12-07  Joseph S. Myers  <jsm28@cam.ac.uk>
+
+       * c-common.c (check_format_info): Warn for non-constant format
+       strings with strftime formats if -Wformat-nonliteral.  Where the
+       format can convert arguments, if the format is not a string
+       literal and there are no arguments to the format, give a different
+       warning message from the general non-string-literal case.
+
 2000-12-07  Joseph S. Myers  <jsm28@cam.ac.uk>
 
        * c-common.c (format_wanted_type): Add reading_from_flag.

diff --git a/gcc/c-common.c b/gcc/c-common.c
index 7359b04822fc518c8eb1dc1e2dd83672f52f8526..5e7666a08b3939534eb2e39e7de0730d2ac6b40d 100644 (file)
--- a/gcc/c-common.c
+++ b/gcc/c-common.c
@@ -2345,8 +2345,29 @@ check_format_info (status, info, params)
       /* Functions taking a va_list normally pass a non-literal format
         string.  These functions typically are declared with
         first_arg_num == 0, so avoid warning in those cases.  */
-      if (info->first_arg_num != 0 && warn_format_nonliteral)
-       status_warning (status, "format not a string literal, argument types not checked");
+      if (!(format_types[info->format_type].flags & FMT_FLAG_ARG_CONVERT))
+       {
+         /* For strftime-like formats, warn for not checking the format
+            string; but there are no arguments to check.  */
+         if (warn_format_nonliteral)
+           status_warning (status, "format not a string literal, format string not checked");
+       }
+      else if (info->first_arg_num != 0)
+       {
+         /* If there are no arguments for the format at all, we may have
+            printf (foo) which is likely to be a security hole.  */
+         while (arg_num + 1 < info->first_arg_num)
+           {
+             if (params == 0)
+               break;
+             params = TREE_CHAIN (params);
+             ++arg_num;
+           }
+         if (params == 0 && warn_format_nonliteral)
+           status_warning (status, "format not a string literal and no format arguments");
+         else if (warn_format_nonliteral)
+           status_warning (status, "format not a string literal, argument types not checked");
+       }
     }
 
   /* If there were extra arguments to the format, normally warn.  However,

diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog
index 444f2d62de1e5a22a40e93f72b03839a1dd18de7..d5974942aaaad4d5d197b89cfd977708e9c4d1b2 100644 (file)
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,3 +1,7 @@
+2000-12-07  Joseph S. Myers  <jsm28@cam.ac.uk>
+
+       * gcc.dg/format-nonlit-3.c: New test.
+
 2000-12-07  Joseph S. Myers  <jsm28@cam.ac.uk>
 
        * gcc.dg/c90-printf-1.c: Add test for printf formats reading

diff --git a/gcc/testsuite/gcc.dg/format-nonlit-3.c b/gcc/testsuite/gcc.dg/format-nonlit-3.c
new file mode 100644 (file)
index 0000000..4423151
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/format-nonlit-3.c
@@ -0,0 +1,16 @@
+/* Test for warnings for non-string-literal formats.  Test for strftime formats.  */
+/* Origin: Joseph Myers <jsm28@cam.ac.uk> */
+/* { dg-do compile } */
+/* { dg-options "-std=gnu99 -Wformat -Wformat-nonliteral" } */
+
+typedef __SIZE_TYPE__ size_t;
+
+struct tm;
+
+extern size_t strftime (char *, size_t, const char *, const struct tm *);
+
+void
+foo (char *s, size_t m, const struct tm *tp, char *fmt)
+{
+  strftime (s, m, fmt, tp); /* { dg-warning "format string" "non-literal" } */
+}