search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2002-11-21 Phil Edwards <pme@gcc.gnu.org>
[official-gcc.git] / gcc / c-format.c
bloba8066df523571547073b697a3d816e795cb09094
1 /* Check calls to formatted I/O functions (-Wformat).
2 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
3 2001, 2002 Free Software Foundation, Inc.
4
5 This file is part of GCC.
6
7 GCC is free software; you can redistribute it and/or modify it under
8 the terms of the GNU General Public License as published by the Free
9 Software Foundation; either version 2, or (at your option) any later
10 version.
11
12 GCC is distributed in the hope that it will be useful, but WITHOUT ANY
13 WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with GCC; see the file COPYING. If not, write to the Free
19 Software Foundation, 59 Temple Place - Suite 330, Boston, MA
20 02111-1307, USA. */
21
22 #include "config.h"
23 #include "system.h"
24 #include "tree.h"
25 #include "flags.h"
26 #include "toplev.h"
27 #include "c-common.h"
28 #include "intl.h"
29 #include "diagnostic.h"
30 #include "langhooks.h"
31 \f
32 /* Set format warning options according to a -Wformat=n option. */
33
34 void
35 set_Wformat (setting)
36 int setting;
37 {
38 warn_format = setting;
39 warn_format_y2k = setting;
40 warn_format_extra_args = setting;
41 warn_format_zero_length = setting;
42 if (setting != 1)
43 {
44 warn_format_nonliteral = setting;
45 warn_format_security = setting;
46 }
47 /* Make sure not to disable -Wnonnull if -Wformat=0 is specified. */
48 if (setting)
49 warn_nonnull = setting;
50 }
51
52 \f
53 /* Handle attributes associated with format checking. */
54
55 /* This must be in the same order as format_types, with format_type_error
56 last. */
57 enum format_type { printf_format_type, scanf_format_type,
58 strftime_format_type, strfmon_format_type,
59 format_type_error };
60
61 typedef struct function_format_info
62 {
63 enum format_type format_type; /* type of format (printf, scanf, etc.) */
64 unsigned HOST_WIDE_INT format_num; /* number of format argument */
65 unsigned HOST_WIDE_INT first_arg_num; /* number of first arg (zero for varargs) */
66 } function_format_info;
67
68 static bool decode_format_attr PARAMS ((tree,
69 function_format_info *, int));
70 static enum format_type decode_format_type PARAMS ((const char *));
71
72 /* Handle a "format" attribute; arguments as in
73 struct attribute_spec.handler. */
74 tree
75 handle_format_attribute (node, name, args, flags, no_add_attrs)
76 tree *node;
77 tree name ATTRIBUTE_UNUSED;
78 tree args;
79 int flags;
80 bool *no_add_attrs;
81 {
82 tree type = *node;
83 function_format_info info;
84 tree argument;
85 unsigned HOST_WIDE_INT arg_num;
86
87 if (!decode_format_attr (args, &info, 0))
88 {
89 *no_add_attrs = true;
90 return NULL_TREE;
91 }
92
93 /* If a parameter list is specified, verify that the format_num
94 argument is actually a string, in case the format attribute
95 is in error. */
96 argument = TYPE_ARG_TYPES (type);
97 if (argument)
98 {
99 for (arg_num = 1; argument != 0 && arg_num != info.format_num;
100 ++arg_num, argument = TREE_CHAIN (argument))
101 ;
102
103 if (! argument
104 || TREE_CODE (TREE_VALUE (argument)) != POINTER_TYPE
105 || (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_VALUE (argument)))
106 != char_type_node))
107 {
108 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
109 error ("format string arg not a string type");
110 *no_add_attrs = true;
111 return NULL_TREE;
112 }
113
114 else if (info.first_arg_num != 0)
115 {
116 /* Verify that first_arg_num points to the last arg,
117 the ... */
118 while (argument)
119 arg_num++, argument = TREE_CHAIN (argument);
120
121 if (arg_num != info.first_arg_num)
122 {
123 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
124 error ("args to be formatted is not '...'");
125 *no_add_attrs = true;
126 return NULL_TREE;
127 }
128 }
129 }
130
131 if (info.format_type == strftime_format_type && info.first_arg_num != 0)
132 {
133 error ("strftime formats cannot format arguments");
134 *no_add_attrs = true;
135 return NULL_TREE;
136 }
137
138 return NULL_TREE;
139 }
140
141
142 /* Handle a "format_arg" attribute; arguments as in
143 struct attribute_spec.handler. */
144 tree
145 handle_format_arg_attribute (node, name, args, flags, no_add_attrs)
146 tree *node;
147 tree name ATTRIBUTE_UNUSED;
148 tree args;
149 int flags;
150 bool *no_add_attrs;
151 {
152 tree type = *node;
153 tree format_num_expr = TREE_VALUE (args);
154 unsigned HOST_WIDE_INT format_num;
155 unsigned HOST_WIDE_INT arg_num;
156 tree argument;
157
158 /* Strip any conversions from the first arg number and verify it
159 is a constant. */
160 while (TREE_CODE (format_num_expr) == NOP_EXPR
161 || TREE_CODE (format_num_expr) == CONVERT_EXPR
162 || TREE_CODE (format_num_expr) == NON_LVALUE_EXPR)
163 format_num_expr = TREE_OPERAND (format_num_expr, 0);
164
165 if (TREE_CODE (format_num_expr) != INTEGER_CST
166 || TREE_INT_CST_HIGH (format_num_expr) != 0)
167 {
168 error ("format string has invalid operand number");
169 *no_add_attrs = true;
170 return NULL_TREE;
171 }
172
173 format_num = TREE_INT_CST_LOW (format_num_expr);
174
175 /* If a parameter list is specified, verify that the format_num
176 argument is actually a string, in case the format attribute
177 is in error. */
178 argument = TYPE_ARG_TYPES (type);
179 if (argument)
180 {
181 for (arg_num = 1; argument != 0 && arg_num != format_num;
182 ++arg_num, argument = TREE_CHAIN (argument))
183 ;
184
185 if (! argument
186 || TREE_CODE (TREE_VALUE (argument)) != POINTER_TYPE
187 || (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_VALUE (argument)))
188 != char_type_node))
189 {
190 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
191 error ("format string arg not a string type");
192 *no_add_attrs = true;
193 return NULL_TREE;
194 }
195 }
196
197 if (TREE_CODE (TREE_TYPE (type)) != POINTER_TYPE
198 || (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (type)))
199 != char_type_node))
200 {
201 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
202 error ("function does not return string type");
203 *no_add_attrs = true;
204 return NULL_TREE;
205 }
206
207 return NULL_TREE;
208 }
209
210
211 /* Decode the arguments to a "format" attribute into a function_format_info
212 structure. It is already known that the list is of the right length.
213 If VALIDATED_P is true, then these attributes have already been validated
214 and this function will abort if they are erroneous; if false, it
215 will give an error message. Returns true if the attributes are
216 successfully decoded, false otherwise. */
217
218 static bool
219 decode_format_attr (args, info, validated_p)
220 tree args;
221 function_format_info *info;
222 int validated_p;
223 {
224 tree format_type_id = TREE_VALUE (args);
225 tree format_num_expr = TREE_VALUE (TREE_CHAIN (args));
226 tree first_arg_num_expr
227 = TREE_VALUE (TREE_CHAIN (TREE_CHAIN (args)));
228
229 if (TREE_CODE (format_type_id) != IDENTIFIER_NODE)
230 {
231 if (validated_p)
232 abort ();
233 error ("unrecognized format specifier");
234 return false;
235 }
236 else
237 {
238 const char *p = IDENTIFIER_POINTER (format_type_id);
239
240 info->format_type = decode_format_type (p);
241
242 if (info->format_type == format_type_error)
243 {
244 if (validated_p)
245 abort ();
246 warning ("`%s' is an unrecognized format function type", p);
247 return false;
248 }
249 }
250
251 /* Strip any conversions from the string index and first arg number
252 and verify they are constants. */
253 while (TREE_CODE (format_num_expr) == NOP_EXPR
254 || TREE_CODE (format_num_expr) == CONVERT_EXPR
255 || TREE_CODE (format_num_expr) == NON_LVALUE_EXPR)
256 format_num_expr = TREE_OPERAND (format_num_expr, 0);
257
258 while (TREE_CODE (first_arg_num_expr) == NOP_EXPR
259 || TREE_CODE (first_arg_num_expr) == CONVERT_EXPR
260 || TREE_CODE (first_arg_num_expr) == NON_LVALUE_EXPR)
261 first_arg_num_expr = TREE_OPERAND (first_arg_num_expr, 0);
262
263 if (TREE_CODE (format_num_expr) != INTEGER_CST
264 || TREE_INT_CST_HIGH (format_num_expr) != 0
265 || TREE_CODE (first_arg_num_expr) != INTEGER_CST
266 || TREE_INT_CST_HIGH (first_arg_num_expr) != 0)
267 {
268 if (validated_p)
269 abort ();
270 error ("format string has invalid operand number");
271 return false;
272 }
273
274 info->format_num = TREE_INT_CST_LOW (format_num_expr);
275 info->first_arg_num = TREE_INT_CST_LOW (first_arg_num_expr);
276 if (info->first_arg_num != 0 && info->first_arg_num <= info->format_num)
277 {
278 if (validated_p)
279 abort ();
280 error ("format string arg follows the args to be formatted");
281 return false;
282 }
283
284 return true;
285 }
286 \f
287 /* Check a call to a format function against a parameter list. */
288
289 /* The meaningfully distinct length modifiers for format checking recognized
290 by GCC. */
291 enum format_lengths
292 {
293 FMT_LEN_none,
294 FMT_LEN_hh,
295 FMT_LEN_h,
296 FMT_LEN_l,
297 FMT_LEN_ll,
298 FMT_LEN_L,
299 FMT_LEN_z,
300 FMT_LEN_t,
301 FMT_LEN_j,
302 FMT_LEN_MAX
303 };
304
305
306 /* The standard versions in which various format features appeared. */
307 enum format_std_version
308 {
309 STD_C89,
310 STD_C94,
311 STD_C9L, /* C99, but treat as C89 if -Wno-long-long. */
312 STD_C99,
313 STD_EXT
314 };
315
316 /* The C standard version C++ is treated as equivalent to
317 or inheriting from, for the purpose of format features supported. */
318 #define CPLUSPLUS_STD_VER STD_C94
319 /* The C standard version we are checking formats against when pedantic. */
320 #define C_STD_VER ((int)(c_language == clk_cplusplus \
321 ? CPLUSPLUS_STD_VER \
322 : (flag_isoc99 \
323 ? STD_C99 \
324 : (flag_isoc94 ? STD_C94 : STD_C89))))
325 /* The name to give to the standard version we are warning about when
326 pedantic. FEATURE_VER is the version in which the feature warned out
327 appeared, which is higher than C_STD_VER. */
328 #define C_STD_NAME(FEATURE_VER) (c_language == clk_cplusplus \
329 ? "ISO C++" \
330 : ((FEATURE_VER) == STD_EXT \
331 ? "ISO C" \
332 : "ISO C90"))
333 /* Adjust a C standard version, which may be STD_C9L, to account for
334 -Wno-long-long. Returns other standard versions unchanged. */
335 #define ADJ_STD(VER) ((int)((VER) == STD_C9L \
336 ? (warn_long_long ? STD_C99 : STD_C89) \
337 : (VER)))
338
339 /* Flags that may apply to a particular kind of format checked by GCC. */
340 enum
341 {
342 /* This format converts arguments of types determined by the
343 format string. */
344 FMT_FLAG_ARG_CONVERT = 1,
345 /* The scanf allocation 'a' kludge applies to this format kind. */
346 FMT_FLAG_SCANF_A_KLUDGE = 2,
347 /* A % during parsing a specifier is allowed to be a modified % rather
348 that indicating the format is broken and we are out-of-sync. */
349 FMT_FLAG_FANCY_PERCENT_OK = 4,
350 /* With $ operand numbers, it is OK to reference the same argument more
351 than once. */
352 FMT_FLAG_DOLLAR_MULTIPLE = 8,
353 /* This format type uses $ operand numbers (strfmon doesn't). */
354 FMT_FLAG_USE_DOLLAR = 16,
355 /* Zero width is bad in this type of format (scanf). */
356 FMT_FLAG_ZERO_WIDTH_BAD = 32,
357 /* Empty precision specification is OK in this type of format (printf). */
358 FMT_FLAG_EMPTY_PREC_OK = 64,
359 /* Gaps are allowed in the arguments with $ operand numbers if all
360 arguments are pointers (scanf). */
361 FMT_FLAG_DOLLAR_GAP_POINTER_OK = 128
362 /* Not included here: details of whether width or precision may occur
363 (controlled by width_char and precision_char); details of whether
364 '*' can be used for these (width_type and precision_type); details
365 of whether length modifiers can occur (length_char_specs). */
366 };
367
368
369 /* Structure describing a length modifier supported in format checking, and
370 possibly a doubled version such as "hh". */
371 typedef struct
372 {
373 /* Name of the single-character length modifier. */
374 const char *const name;
375 /* Index into a format_char_info.types array. */
376 const enum format_lengths index;
377 /* Standard version this length appears in. */
378 const enum format_std_version std;
379 /* Same, if the modifier can be repeated, or NULL if it can't. */
380 const char *const double_name;
381 const enum format_lengths double_index;
382 const enum format_std_version double_std;
383 } format_length_info;
384
385
386 /* Structure describing the combination of a conversion specifier
387 (or a set of specifiers which act identically) and a length modifier. */
388 typedef struct
389 {
390 /* The standard version this combination of length and type appeared in.
391 This is only relevant if greater than those for length and type
392 individually; otherwise it is ignored. */
393 enum format_std_version std;
394 /* The name to use for the type, if different from that generated internally
395 (e.g., "signed size_t"). */
396 const char *name;
397 /* The type itself. */
398 tree *type;
399 } format_type_detail;
400
401
402 /* Macros to fill out tables of these. */
403 #define BADLEN { 0, NULL, NULL }
404 #define NOLENGTHS { BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }
405
406
407 /* Structure describing a format conversion specifier (or a set of specifiers
408 which act identically), and the length modifiers used with it. */
409 typedef struct
410 {
411 const char *const format_chars;
412 const int pointer_count;
413 const enum format_std_version std;
414 /* Types accepted for each length modifier. */
415 const format_type_detail types[FMT_LEN_MAX];
416 /* List of other modifier characters allowed with these specifiers.
417 This lists flags, and additionally "w" for width, "p" for precision
418 (right precision, for strfmon), "#" for left precision (strfmon),
419 "a" for scanf "a" allocation extension (not applicable in C99 mode),
420 "*" for scanf suppression, and "E" and "O" for those strftime
421 modifiers. */
422 const char *const flag_chars;
423 /* List of additional flags describing these conversion specifiers.
424 "c" for generic character pointers being allowed, "2" for strftime
425 two digit year formats, "3" for strftime formats giving two digit
426 years in some locales, "4" for "2" which becomes "3" with an "E" modifier,
427 "o" if use of strftime "O" is a GNU extension beyond C99,
428 "W" if the argument is a pointer which is dereferenced and written into,
429 "R" if the argument is a pointer which is dereferenced and read from,
430 "i" for printf integer formats where the '0' flag is ignored with
431 precision, and "[" for the starting character of a scanf scanset. */
432 const char *const flags2;
433 } format_char_info;
434
435
436 /* Structure describing a flag accepted by some kind of format. */
437 typedef struct
438 {
439 /* The flag character in question (0 for end of array). */
440 const int flag_char;
441 /* Zero if this entry describes the flag character in general, or a
442 nonzero character that may be found in flags2 if it describes the
443 flag when used with certain formats only. If the latter, only
444 the first such entry found that applies to the current conversion
445 specifier is used; the values of `name' and `long_name' it supplies
446 will be used, if non-NULL and the standard version is higher than
447 the unpredicated one, for any pedantic warning. For example, 'o'
448 for strftime formats (meaning 'O' is an extension over C99). */
449 const int predicate;
450 /* Nonzero if the next character after this flag in the format should
451 be skipped ('=' in strfmon), zero otherwise. */
452 const int skip_next_char;
453 /* The name to use for this flag in diagnostic messages. For example,
454 N_("`0' flag"), N_("field width"). */
455 const char *const name;
456 /* Long name for this flag in diagnostic messages; currently only used for
457 "ISO C does not support ...". For example, N_("the `I' printf flag"). */
458 const char *const long_name;
459 /* The standard version in which it appeared. */
460 const enum format_std_version std;
461 } format_flag_spec;
462
463
464 /* Structure describing a combination of flags that is bad for some kind
465 of format. */
466 typedef struct
467 {
468 /* The first flag character in question (0 for end of array). */
469 const int flag_char1;
470 /* The second flag character. */
471 const int flag_char2;
472 /* Nonzero if the message should say that the first flag is ignored with
473 the second, zero if the combination should simply be objected to. */
474 const int ignored;
475 /* Zero if this entry applies whenever this flag combination occurs,
476 a nonzero character from flags2 if it only applies in some
477 circumstances (e.g. 'i' for printf formats ignoring 0 with precision). */
478 const int predicate;
479 } format_flag_pair;
480
481
482 /* Structure describing a particular kind of format processed by GCC. */
483 typedef struct
484 {
485 /* The name of this kind of format, for use in diagnostics. Also
486 the name of the attribute (without preceding and following __). */
487 const char *const name;
488 /* Specifications of the length modifiers accepted; possibly NULL. */
489 const format_length_info *const length_char_specs;
490 /* Details of the conversion specification characters accepted. */
491 const format_char_info *const conversion_specs;
492 /* String listing the flag characters that are accepted. */
493 const char *const flag_chars;
494 /* String listing modifier characters (strftime) accepted. May be NULL. */
495 const char *const modifier_chars;
496 /* Details of the flag characters, including pseudo-flags. */
497 const format_flag_spec *const flag_specs;
498 /* Details of bad combinations of flags. */
499 const format_flag_pair *const bad_flag_pairs;
500 /* Flags applicable to this kind of format. */
501 const int flags;
502 /* Flag character to treat a width as, or 0 if width not used. */
503 const int width_char;
504 /* Flag character to treat a left precision (strfmon) as,
505 or 0 if left precision not used. */
506 const int left_precision_char;
507 /* Flag character to treat a precision (for strfmon, right precision) as,
508 or 0 if precision not used. */
509 const int precision_char;
510 /* If a flag character has the effect of suppressing the conversion of
511 an argument ('*' in scanf), that flag character, otherwise 0. */
512 const int suppression_char;
513 /* Flag character to treat a length modifier as (ignored if length
514 modifiers not used). Need not be placed in flag_chars for conversion
515 specifiers, but is used to check for bad combinations such as length
516 modifier with assignment suppression in scanf. */
517 const int length_code_char;
518 /* Pointer to type of argument expected if '*' is used for a width,
519 or NULL if '*' not used for widths. */
520 tree *const width_type;
521 /* Pointer to type of argument expected if '*' is used for a precision,
522 or NULL if '*' not used for precisions. */
523 tree *const precision_type;
524 } format_kind_info;
525
526
527 /* Structure describing details of a type expected in format checking,
528 and the type to check against it. */
529 typedef struct format_wanted_type
530 {
531 /* The type wanted. */
532 tree wanted_type;
533 /* The name of this type to use in diagnostics. */
534 const char *wanted_type_name;
535 /* The level of indirection through pointers at which this type occurs. */
536 int pointer_count;
537 /* Whether, when pointer_count is 1, to allow any character type when
538 pedantic, rather than just the character or void type specified. */
539 int char_lenient_flag;
540 /* Whether the argument, dereferenced once, is written into and so the
541 argument must not be a pointer to a const-qualified type. */
542 int writing_in_flag;
543 /* Whether the argument, dereferenced once, is read from and so
544 must not be a NULL pointer. */
545 int reading_from_flag;
546 /* If warnings should be of the form "field precision is not type int",
547 the name to use (in this case "field precision"), otherwise NULL,
548 for "%s format, %s arg" type messages. If (in an extension), this
549 is a pointer type, wanted_type_name should be set to include the
550 terminating '*' characters of the type name to give a correct
551 message. */
552 const char *name;
553 /* The actual parameter to check against the wanted type. */
554 tree param;
555 /* The argument number of that parameter. */
556 int arg_num;
557 /* The next type to check for this format conversion, or NULL if none. */
558 struct format_wanted_type *next;
559 } format_wanted_type;
560
561
562 static const format_length_info printf_length_specs[] =
563 {
564 { "h", FMT_LEN_h, STD_C89, "hh", FMT_LEN_hh, STD_C99 },
565 { "l", FMT_LEN_l, STD_C89, "ll", FMT_LEN_ll, STD_C9L },
566 { "q", FMT_LEN_ll, STD_EXT, NULL, 0, 0 },
567 { "L", FMT_LEN_L, STD_C89, NULL, 0, 0 },
568 { "z", FMT_LEN_z, STD_C99, NULL, 0, 0 },
569 { "Z", FMT_LEN_z, STD_EXT, NULL, 0, 0 },
570 { "t", FMT_LEN_t, STD_C99, NULL, 0, 0 },
571 { "j", FMT_LEN_j, STD_C99, NULL, 0, 0 },
572 { NULL, 0, 0, NULL, 0, 0 }
573 };
574
575
576 /* This differs from printf_length_specs only in that "Z" is not accepted. */
577 static const format_length_info scanf_length_specs[] =
578 {
579 { "h", FMT_LEN_h, STD_C89, "hh", FMT_LEN_hh, STD_C99 },
580 { "l", FMT_LEN_l, STD_C89, "ll", FMT_LEN_ll, STD_C9L },
581 { "q", FMT_LEN_ll, STD_EXT, NULL, 0, 0 },
582 { "L", FMT_LEN_L, STD_C89, NULL, 0, 0 },
583 { "z", FMT_LEN_z, STD_C99, NULL, 0, 0 },
584 { "t", FMT_LEN_t, STD_C99, NULL, 0, 0 },
585 { "j", FMT_LEN_j, STD_C99, NULL, 0, 0 },
586 { NULL, 0, 0, NULL, 0, 0 }
587 };
588
589
590 /* All tables for strfmon use STD_C89 everywhere, since -pedantic warnings
591 make no sense for a format type not part of any C standard version. */
592 static const format_length_info strfmon_length_specs[] =
593 {
594 /* A GNU extension. */
595 { "L", FMT_LEN_L, STD_C89, NULL, 0, 0 },
596 { NULL, 0, 0, NULL, 0, 0 }
597 };
598
599 static const format_flag_spec printf_flag_specs[] =
600 {
601 { ' ', 0, 0, N_("` ' flag"), N_("the ` ' printf flag"), STD_C89 },
602 { '+', 0, 0, N_("`+' flag"), N_("the `+' printf flag"), STD_C89 },
603 { '#', 0, 0, N_("`#' flag"), N_("the `#' printf flag"), STD_C89 },
604 { '0', 0, 0, N_("`0' flag"), N_("the `0' printf flag"), STD_C89 },
605 { '-', 0, 0, N_("`-' flag"), N_("the `-' printf flag"), STD_C89 },
606 { '\'', 0, 0, N_("`'' flag"), N_("the `'' printf flag"), STD_EXT },
607 { 'I', 0, 0, N_("`I' flag"), N_("the `I' printf flag"), STD_EXT },
608 { 'w', 0, 0, N_("field width"), N_("field width in printf format"), STD_C89 },
609 { 'p', 0, 0, N_("precision"), N_("precision in printf format"), STD_C89 },
610 { 'L', 0, 0, N_("length modifier"), N_("length modifier in printf format"), STD_C89 },
611 { 0, 0, 0, NULL, NULL, 0 }
612 };
613
614
615 static const format_flag_pair printf_flag_pairs[] =
616 {
617 { ' ', '+', 1, 0 },
618 { '0', '-', 1, 0 },
619 { '0', 'p', 1, 'i' },
620 { 0, 0, 0, 0 }
621 };
622
623
624 static const format_flag_spec scanf_flag_specs[] =
625 {
626 { '*', 0, 0, N_("assignment suppression"), N_("the assignment suppression scanf feature"), STD_C89 },
627 { 'a', 0, 0, N_("`a' flag"), N_("the `a' scanf flag"), STD_EXT },
628 { 'w', 0, 0, N_("field width"), N_("field width in scanf format"), STD_C89 },
629 { 'L', 0, 0, N_("length modifier"), N_("length modifier in scanf format"), STD_C89 },
630 { '\'', 0, 0, N_("`'' flag"), N_("the `'' scanf flag"), STD_EXT },
631 { 'I', 0, 0, N_("`I' flag"), N_("the `I' scanf flag"), STD_EXT },
632 { 0, 0, 0, NULL, NULL, 0 }
633 };
634
635
636 static const format_flag_pair scanf_flag_pairs[] =
637 {
638 { '*', 'L', 0, 0 },
639 { 0, 0, 0, 0 }
640 };
641
642
643 static const format_flag_spec strftime_flag_specs[] =
644 {
645 { '_', 0, 0, N_("`_' flag"), N_("the `_' strftime flag"), STD_EXT },
646 { '-', 0, 0, N_("`-' flag"), N_("the `-' strftime flag"), STD_EXT },
647 { '0', 0, 0, N_("`0' flag"), N_("the `0' strftime flag"), STD_EXT },
648 { '^', 0, 0, N_("`^' flag"), N_("the `^' strftime flag"), STD_EXT },
649 { '#', 0, 0, N_("`#' flag"), N_("the `#' strftime flag"), STD_EXT },
650 { 'w', 0, 0, N_("field width"), N_("field width in strftime format"), STD_EXT },
651 { 'E', 0, 0, N_("`E' modifier"), N_("the `E' strftime modifier"), STD_C99 },
652 { 'O', 0, 0, N_("`O' modifier"), N_("the `O' strftime modifier"), STD_C99 },
653 { 'O', 'o', 0, NULL, N_("the `O' modifier"), STD_EXT },
654 { 0, 0, 0, NULL, NULL, 0 }
655 };
656
657
658 static const format_flag_pair strftime_flag_pairs[] =
659 {
660 { 'E', 'O', 0, 0 },
661 { '_', '-', 0, 0 },
662 { '_', '0', 0, 0 },
663 { '-', '0', 0, 0 },
664 { '^', '#', 0, 0 },
665 { 0, 0, 0, 0 }
666 };
667
668
669 static const format_flag_spec strfmon_flag_specs[] =
670 {
671 { '=', 0, 1, N_("fill character"), N_("fill character in strfmon format"), STD_C89 },
672 { '^', 0, 0, N_("`^' flag"), N_("the `^' strfmon flag"), STD_C89 },
673 { '+', 0, 0, N_("`+' flag"), N_("the `+' strfmon flag"), STD_C89 },
674 { '(', 0, 0, N_("`(' flag"), N_("the `(' strfmon flag"), STD_C89 },
675 { '!', 0, 0, N_("`!' flag"), N_("the `!' strfmon flag"), STD_C89 },
676 { '-', 0, 0, N_("`-' flag"), N_("the `-' strfmon flag"), STD_C89 },
677 { 'w', 0, 0, N_("field width"), N_("field width in strfmon format"), STD_C89 },
678 { '#', 0, 0, N_("left precision"), N_("left precision in strfmon format"), STD_C89 },
679 { 'p', 0, 0, N_("right precision"), N_("right precision in strfmon format"), STD_C89 },
680 { 'L', 0, 0, N_("length modifier"), N_("length modifier in strfmon format"), STD_C89 },
681 { 0, 0, 0, NULL, NULL, 0 }
682 };
683
684 static const format_flag_pair strfmon_flag_pairs[] =
685 {
686 { '+', '(', 0, 0 },
687 { 0, 0, 0, 0 }
688 };
689
690
691 #define T_I &integer_type_node
692 #define T89_I { STD_C89, NULL, T_I }
693 #define T_L &long_integer_type_node
694 #define T89_L { STD_C89, NULL, T_L }
695 #define T_LL &long_long_integer_type_node
696 #define T9L_LL { STD_C9L, NULL, T_LL }
697 #define TEX_LL { STD_EXT, NULL, T_LL }
698 #define T_S &short_integer_type_node
699 #define T89_S { STD_C89, NULL, T_S }
700 #define T_UI &unsigned_type_node
701 #define T89_UI { STD_C89, NULL, T_UI }
702 #define T_UL &long_unsigned_type_node
703 #define T89_UL { STD_C89, NULL, T_UL }
704 #define T_ULL &long_long_unsigned_type_node
705 #define T9L_ULL { STD_C9L, NULL, T_ULL }
706 #define TEX_ULL { STD_EXT, NULL, T_ULL }
707 #define T_US &short_unsigned_type_node
708 #define T89_US { STD_C89, NULL, T_US }
709 #define T_F &float_type_node
710 #define T89_F { STD_C89, NULL, T_F }
711 #define T99_F { STD_C99, NULL, T_F }
712 #define T_D &double_type_node
713 #define T89_D { STD_C89, NULL, T_D }
714 #define T99_D { STD_C99, NULL, T_D }
715 #define T_LD &long_double_type_node
716 #define T89_LD { STD_C89, NULL, T_LD }
717 #define T99_LD { STD_C99, NULL, T_LD }
718 #define T_C &char_type_node
719 #define T89_C { STD_C89, NULL, T_C }
720 #define T_SC &signed_char_type_node
721 #define T99_SC { STD_C99, NULL, T_SC }
722 #define T_UC &unsigned_char_type_node
723 #define T99_UC { STD_C99, NULL, T_UC }
724 #define T_V &void_type_node
725 #define T89_V { STD_C89, NULL, T_V }
726 #define T_W &wchar_type_node
727 #define T94_W { STD_C94, "wchar_t", T_W }
728 #define TEX_W { STD_EXT, "wchar_t", T_W }
729 #define T_WI &wint_type_node
730 #define T94_WI { STD_C94, "wint_t", T_WI }
731 #define TEX_WI { STD_EXT, "wint_t", T_WI }
732 #define T_ST &c_size_type_node
733 #define T99_ST { STD_C99, "size_t", T_ST }
734 #define T_SST &signed_size_type_node
735 #define T99_SST { STD_C99, "signed size_t", T_SST }
736 #define T_PD &ptrdiff_type_node
737 #define T99_PD { STD_C99, "ptrdiff_t", T_PD }
738 #define T_UPD &unsigned_ptrdiff_type_node
739 #define T99_UPD { STD_C99, "unsigned ptrdiff_t", T_UPD }
740 #define T_IM &intmax_type_node
741 #define T99_IM { STD_C99, "intmax_t", T_IM }
742 #define T_UIM &uintmax_type_node
743 #define T99_UIM { STD_C99, "uintmax_t", T_UIM }
744
745 static const format_char_info print_char_table[] =
746 {
747 /* C89 conversion specifiers. */
748 { "di", 0, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, TEX_LL, T99_SST, T99_PD, T99_IM }, "-wp0 +'I", "i" },
749 { "oxX", 0, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "-wp0#", "i" },
750 { "u", 0, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "-wp0'I", "i" },
751 { "fgG", 0, STD_C89, { T89_D, BADLEN, BADLEN, T99_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#'", "" },
752 { "eE", 0, STD_C89, { T89_D, BADLEN, BADLEN, T99_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#", "" },
753 { "c", 0, STD_C89, { T89_I, BADLEN, BADLEN, T94_WI, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "" },
754 { "s", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "cR" },
755 { "p", 1, STD_C89, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "c" },
756 { "n", 1, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, BADLEN, T99_SST, T99_PD, T99_IM }, "", "W" },
757 /* C99 conversion specifiers. */
758 { "F", 0, STD_C99, { T99_D, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#'", "" },
759 { "aA", 0, STD_C99, { T99_D, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#", "" },
760 /* X/Open conversion specifiers. */
761 { "C", 0, STD_EXT, { TEX_WI, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "" },
762 { "S", 1, STD_EXT, { TEX_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "R" },
763 /* GNU conversion specifiers. */
764 { "m", 0, STD_EXT, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "" },
765 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
766 };
767
768 static const format_char_info scan_char_table[] =
769 {
770 /* C89 conversion specifiers. */
771 { "di", 1, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, TEX_LL, T99_SST, T99_PD, T99_IM }, "*w'I", "W" },
772 { "u", 1, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "*w'I", "W" },
773 { "oxX", 1, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "*w", "W" },
774 { "efgEG", 1, STD_C89, { T89_F, BADLEN, BADLEN, T89_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "*w'", "W" },
775 { "c", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*w", "cW" },
776 { "s", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*aw", "cW" },
777 { "[", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*aw", "cW[" },
778 { "p", 2, STD_C89, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*w", "W" },
779 { "n", 1, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, BADLEN, T99_SST, T99_PD, T99_IM }, "", "W" },
780 /* C99 conversion specifiers. */
781 { "FaA", 1, STD_C99, { T99_F, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN }, "*w'", "W" },
782 /* X/Open conversion specifiers. */
783 { "C", 1, STD_EXT, { TEX_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*w", "W" },
784 { "S", 1, STD_EXT, { TEX_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*aw", "W" },
785 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
786 };
787
788 static const format_char_info time_char_table[] =
789 {
790 /* C89 conversion specifiers. */
791 { "ABZab", 0, STD_C89, NOLENGTHS, "^#", "" },
792 { "cx", 0, STD_C89, NOLENGTHS, "E", "3" },
793 { "HIMSUWdmw", 0, STD_C89, NOLENGTHS, "-_0Ow", "" },
794 { "j", 0, STD_C89, NOLENGTHS, "-_0Ow", "o" },
795 { "p", 0, STD_C89, NOLENGTHS, "#", "" },
796 { "X", 0, STD_C89, NOLENGTHS, "E", "" },
797 { "y", 0, STD_C89, NOLENGTHS, "EO-_0w", "4" },
798 { "Y", 0, STD_C89, NOLENGTHS, "-_0EOw", "o" },
799 { "%", 0, STD_C89, NOLENGTHS, "", "" },
800 /* C99 conversion specifiers. */
801 { "C", 0, STD_C99, NOLENGTHS, "-_0EOw", "o" },
802 { "D", 0, STD_C99, NOLENGTHS, "", "2" },
803 { "eVu", 0, STD_C99, NOLENGTHS, "-_0Ow", "" },
804 { "FRTnrt", 0, STD_C99, NOLENGTHS, "", "" },
805 { "g", 0, STD_C99, NOLENGTHS, "O-_0w", "2o" },
806 { "G", 0, STD_C99, NOLENGTHS, "-_0Ow", "o" },
807 { "h", 0, STD_C99, NOLENGTHS, "^#", "" },
808 { "z", 0, STD_C99, NOLENGTHS, "O", "o" },
809 /* GNU conversion specifiers. */
810 { "kls", 0, STD_EXT, NOLENGTHS, "-_0Ow", "" },
811 { "P", 0, STD_EXT, NOLENGTHS, "", "" },
812 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
813 };
814
815 static const format_char_info monetary_char_table[] =
816 {
817 { "in", 0, STD_C89, { T89_D, BADLEN, BADLEN, BADLEN, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "=^+(!-w#p", "" },
818 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
819 };
820
821
822 /* This must be in the same order as enum format_type. */
823 static const format_kind_info format_types[] =
824 {
825 { "printf", printf_length_specs, print_char_table, " +#0-'I", NULL,
826 printf_flag_specs, printf_flag_pairs,
827 FMT_FLAG_ARG_CONVERT|FMT_FLAG_DOLLAR_MULTIPLE|FMT_FLAG_USE_DOLLAR|FMT_FLAG_EMPTY_PREC_OK,
828 'w', 0, 'p', 0, 'L',
829 &integer_type_node, &integer_type_node
830 },
831 { "scanf", scanf_length_specs, scan_char_table, "*'I", NULL,
832 scanf_flag_specs, scanf_flag_pairs,
833 FMT_FLAG_ARG_CONVERT|FMT_FLAG_SCANF_A_KLUDGE|FMT_FLAG_USE_DOLLAR|FMT_FLAG_ZERO_WIDTH_BAD|FMT_FLAG_DOLLAR_GAP_POINTER_OK,
834 'w', 0, 0, '*', 'L',
835 NULL, NULL
836 },
837 { "strftime", NULL, time_char_table, "_-0^#", "EO",
838 strftime_flag_specs, strftime_flag_pairs,
839 FMT_FLAG_FANCY_PERCENT_OK, 'w', 0, 0, 0, 0,
840 NULL, NULL
841 },
842 { "strfmon", strfmon_length_specs, monetary_char_table, "=^+(!-", NULL,
843 strfmon_flag_specs, strfmon_flag_pairs,
844 FMT_FLAG_ARG_CONVERT, 'w', '#', 'p', 0, 'L',
845 NULL, NULL
846 }
847 };
848
849
850 /* Structure detailing the results of checking a format function call
851 where the format expression may be a conditional expression with
852 many leaves resulting from nested conditional expressions. */
853 typedef struct
854 {
855 /* Number of leaves of the format argument that could not be checked
856 as they were not string literals. */
857 int number_non_literal;
858 /* Number of leaves of the format argument that were null pointers or
859 string literals, but had extra format arguments. */
860 int number_extra_args;
861 /* Number of leaves of the format argument that were null pointers or
862 string literals, but had extra format arguments and used $ operand
863 numbers. */
864 int number_dollar_extra_args;
865 /* Number of leaves of the format argument that were wide string
866 literals. */
867 int number_wide;
868 /* Number of leaves of the format argument that were empty strings. */
869 int number_empty;
870 /* Number of leaves of the format argument that were unterminated
871 strings. */
872 int number_unterminated;
873 /* Number of leaves of the format argument that were not counted above. */
874 int number_other;
875 } format_check_results;
876
877 typedef struct
878 {
879 format_check_results *res;
880 function_format_info *info;
881 tree params;
882 int *status;
883 } format_check_context;
884
885 static void check_format_info PARAMS ((int *, function_format_info *, tree));
886 static void check_format_arg PARAMS ((void *, tree, unsigned HOST_WIDE_INT));
887 static void check_format_info_main PARAMS ((int *, format_check_results *,
888 function_format_info *,
889 const char *, int, tree,
890 unsigned HOST_WIDE_INT));
891 static void status_warning PARAMS ((int *, const char *, ...))
892 ATTRIBUTE_PRINTF_2;
893
894 static void init_dollar_format_checking PARAMS ((int, tree));
895 static int maybe_read_dollar_number PARAMS ((int *, const char **, int,
896 tree, tree *,
897 const format_kind_info *));
898 static void finish_dollar_format_checking PARAMS ((int *, format_check_results *, int));
899
900 static const format_flag_spec *get_flag_spec PARAMS ((const format_flag_spec *,
901 int, const char *));
902
903 static void check_format_types PARAMS ((int *, format_wanted_type *));
904
905 /* Decode a format type from a string, returning the type, or
906 format_type_error if not valid, in which case the caller should print an
907 error message. */
908 static enum format_type
909 decode_format_type (s)
910 const char *s;
911 {
912 int i;
913 int slen;
914 slen = strlen (s);
915 for (i = 0; i < (int) format_type_error; i++)
916 {
917 int alen;
918 if (!strcmp (s, format_types[i].name))
919 break;
920 alen = strlen (format_types[i].name);
921 if (slen == alen + 4 && s[0] == '_' && s[1] == '_'
922 && s[slen - 1] == '_' && s[slen - 2] == '_'
923 && !strncmp (s + 2, format_types[i].name, alen))
924 break;
925 }
926 return ((enum format_type) i);
927 }
928
929 \f
930 /* Check the argument list of a call to printf, scanf, etc.
931 ATTRS are the attributes on the function type.
932 PARAMS is the list of argument values. Also, if -Wmissing-format-attribute,
933 warn for calls to vprintf or vscanf in functions with no such format
934 attribute themselves. */
935
936 void
937 check_function_format (status, attrs, params)
938 int *status;
939 tree attrs;
940 tree params;
941 {
942 tree a;
943
944 /* See if this function has any format attributes. */
945 for (a = attrs; a; a = TREE_CHAIN (a))
946 {
947 if (is_attribute_p ("format", TREE_PURPOSE (a)))
948 {
949 /* Yup; check it. */
950 function_format_info info;
951 decode_format_attr (TREE_VALUE (a), &info, 1);
952 check_format_info (status, &info, params);
953 if (warn_missing_format_attribute && info.first_arg_num == 0
954 && (format_types[info.format_type].flags
955 & (int) FMT_FLAG_ARG_CONVERT))
956 {
957 tree c;
958 for (c = TYPE_ATTRIBUTES (TREE_TYPE (current_function_decl));
959 c;
960 c = TREE_CHAIN (c))
961 if (is_attribute_p ("format", TREE_PURPOSE (c))
962 && (decode_format_type (IDENTIFIER_POINTER
963 (TREE_VALUE (TREE_VALUE (c))))
964 == info.format_type))
965 break;
966 if (c == NULL_TREE)
967 {
968 /* Check if the current function has a parameter to which
969 the format attribute could be attached; if not, it
970 can't be a candidate for a format attribute, despite
971 the vprintf-like or vscanf-like call. */
972 tree args;
973 for (args = DECL_ARGUMENTS (current_function_decl);
974 args != 0;
975 args = TREE_CHAIN (args))
976 {
977 if (TREE_CODE (TREE_TYPE (args)) == POINTER_TYPE
978 && (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (args)))
979 == char_type_node))
980 break;
981 }
982 if (args != 0)
983 warning ("function might be possible candidate for `%s' format attribute",
984 format_types[info.format_type].name);
985 }
986 }
987 }
988 }
989 }
990
991 /* This function replaces `warning' inside the printf format checking
992 functions. If the `status' parameter is non-NULL, then it is
993 dereferenced and set to 1 whenever a warning is caught. Otherwise
994 it warns as usual by replicating the innards of the warning
995 function from diagnostic.c. */
996 static void
997 status_warning VPARAMS ((int *status, const char *msgid, ...))
998 {
999 diagnostic_info diagnostic ;
1000
1001 VA_OPEN (ap, msgid);
1002 VA_FIXEDARG (ap, int *, status);
1003 VA_FIXEDARG (ap, const char *, msgid);
1004
1005 if (status)
1006 *status = 1;
1007 else
1008 {
1009 /* This duplicates the warning function behavior. */
1010 diagnostic_set_info (&diagnostic, _(msgid), &ap, input_filename, lineno,
1011 DK_WARNING);
1012 report_diagnostic (&diagnostic);
1013 }
1014
1015 VA_CLOSE (ap);
1016 }
1017
1018 /* Variables used by the checking of $ operand number formats. */
1019 static char *dollar_arguments_used = NULL;
1020 static char *dollar_arguments_pointer_p = NULL;
1021 static int dollar_arguments_alloc = 0;
1022 static int dollar_arguments_count;
1023 static int dollar_first_arg_num;
1024 static int dollar_max_arg_used;
1025 static int dollar_format_warned;
1026
1027 /* Initialize the checking for a format string that may contain $
1028 parameter number specifications; we will need to keep track of whether
1029 each parameter has been used. FIRST_ARG_NUM is the number of the first
1030 argument that is a parameter to the format, or 0 for a vprintf-style
1031 function; PARAMS is the list of arguments starting at this argument. */
1032
1033 static void
1034 init_dollar_format_checking (first_arg_num, params)
1035 int first_arg_num;
1036 tree params;
1037 {
1038 tree oparams = params;
1039
1040 dollar_first_arg_num = first_arg_num;
1041 dollar_arguments_count = 0;
1042 dollar_max_arg_used = 0;
1043 dollar_format_warned = 0;
1044 if (first_arg_num > 0)
1045 {
1046 while (params)
1047 {
1048 dollar_arguments_count++;
1049 params = TREE_CHAIN (params);
1050 }
1051 }
1052 if (dollar_arguments_alloc < dollar_arguments_count)
1053 {
1054 if (dollar_arguments_used)
1055 free (dollar_arguments_used);
1056 if (dollar_arguments_pointer_p)
1057 free (dollar_arguments_pointer_p);
1058 dollar_arguments_alloc = dollar_arguments_count;
1059 dollar_arguments_used = xmalloc (dollar_arguments_alloc);
1060 dollar_arguments_pointer_p = xmalloc (dollar_arguments_alloc);
1061 }
1062 if (dollar_arguments_alloc)
1063 {
1064 memset (dollar_arguments_used, 0, dollar_arguments_alloc);
1065 if (first_arg_num > 0)
1066 {
1067 int i = 0;
1068 params = oparams;
1069 while (params)
1070 {
1071 dollar_arguments_pointer_p[i] = (TREE_CODE (TREE_TYPE (TREE_VALUE (params)))
1072 == POINTER_TYPE);
1073 params = TREE_CHAIN (params);
1074 i++;
1075 }
1076 }
1077 }
1078 }
1079
1080
1081 /* Look for a decimal number followed by a $ in *FORMAT. If DOLLAR_NEEDED
1082 is set, it is an error if one is not found; otherwise, it is OK. If
1083 such a number is found, check whether it is within range and mark that
1084 numbered operand as being used for later checking. Returns the operand
1085 number if found and within range, zero if no such number was found and
1086 this is OK, or -1 on error. PARAMS points to the first operand of the
1087 format; PARAM_PTR is made to point to the parameter referred to. If
1088 a $ format is found, *FORMAT is updated to point just after it. */
1089
1090 static int
1091 maybe_read_dollar_number (status, format, dollar_needed, params, param_ptr,
1092 fki)
1093 int *status;
1094 const char **format;
1095 int dollar_needed;
1096 tree params;
1097 tree *param_ptr;
1098 const format_kind_info *fki;
1099 {
1100 int argnum;
1101 int overflow_flag;
1102 const char *fcp = *format;
1103 if (! ISDIGIT (*fcp))
1104 {
1105 if (dollar_needed)
1106 {
1107 status_warning (status, "missing $ operand number in format");
1108 return -1;
1109 }
1110 else
1111 return 0;
1112 }
1113 argnum = 0;
1114 overflow_flag = 0;
1115 while (ISDIGIT (*fcp))
1116 {
1117 int nargnum;
1118 nargnum = 10 * argnum + (*fcp - '0');
1119 if (nargnum < 0 || nargnum / 10 != argnum)
1120 overflow_flag = 1;
1121 argnum = nargnum;
1122 fcp++;
1123 }
1124 if (*fcp != '$')
1125 {
1126 if (dollar_needed)
1127 {
1128 status_warning (status, "missing $ operand number in format");
1129 return -1;
1130 }
1131 else
1132 return 0;
1133 }
1134 *format = fcp + 1;
1135 if (pedantic && !dollar_format_warned)
1136 {
1137 status_warning (status,
1138 "%s does not support %%n$ operand number formats",
1139 C_STD_NAME (STD_EXT));
1140 dollar_format_warned = 1;
1141 }
1142 if (overflow_flag || argnum == 0
1143 || (dollar_first_arg_num && argnum > dollar_arguments_count))
1144 {
1145 status_warning (status, "operand number out of range in format");
1146 return -1;
1147 }
1148 if (argnum > dollar_max_arg_used)
1149 dollar_max_arg_used = argnum;
1150 /* For vprintf-style functions we may need to allocate more memory to
1151 track which arguments are used. */
1152 while (dollar_arguments_alloc < dollar_max_arg_used)
1153 {
1154 int nalloc;
1155 nalloc = 2 * dollar_arguments_alloc + 16;
1156 dollar_arguments_used = xrealloc (dollar_arguments_used, nalloc);
1157 dollar_arguments_pointer_p = xrealloc (dollar_arguments_pointer_p,
1158 nalloc);
1159 memset (dollar_arguments_used + dollar_arguments_alloc, 0,
1160 nalloc - dollar_arguments_alloc);
1161 dollar_arguments_alloc = nalloc;
1162 }
1163 if (!(fki->flags & (int) FMT_FLAG_DOLLAR_MULTIPLE)
1164 && dollar_arguments_used[argnum - 1] == 1)
1165 {
1166 dollar_arguments_used[argnum - 1] = 2;
1167 status_warning (status,
1168 "format argument %d used more than once in %s format",
1169 argnum, fki->name);
1170 }
1171 else
1172 dollar_arguments_used[argnum - 1] = 1;
1173 if (dollar_first_arg_num)
1174 {
1175 int i;
1176 *param_ptr = params;
1177 for (i = 1; i < argnum && *param_ptr != 0; i++)
1178 *param_ptr = TREE_CHAIN (*param_ptr);
1179
1180 if (*param_ptr == 0)
1181 {
1182 /* This case shouldn't be caught here. */
1183 abort ();
1184 }
1185 }
1186 else
1187 *param_ptr = 0;
1188 return argnum;
1189 }
1190
1191
1192 /* Finish the checking for a format string that used $ operand number formats
1193 instead of non-$ formats. We check for unused operands before used ones
1194 (a serious error, since the implementation of the format function
1195 can't know what types to pass to va_arg to find the later arguments).
1196 and for unused operands at the end of the format (if we know how many
1197 arguments the format had, so not for vprintf). If there were operand
1198 numbers out of range on a non-vprintf-style format, we won't have reached
1199 here. If POINTER_GAP_OK, unused arguments are OK if all arguments are
1200 pointers. */
1201
1202 static void
1203 finish_dollar_format_checking (status, res, pointer_gap_ok)
1204 int *status;
1205 format_check_results *res;
1206 int pointer_gap_ok;
1207 {
1208 int i;
1209 bool found_pointer_gap = false;
1210 for (i = 0; i < dollar_max_arg_used; i++)
1211 {
1212 if (!dollar_arguments_used[i])
1213 {
1214 if (pointer_gap_ok && (dollar_first_arg_num == 0
1215 || dollar_arguments_pointer_p[i]))
1216 found_pointer_gap = true;
1217 else
1218 status_warning (status, "format argument %d unused before used argument %d in $-style format",
1219 i + 1, dollar_max_arg_used);
1220 }
1221 }
1222 if (found_pointer_gap
1223 || (dollar_first_arg_num
1224 && dollar_max_arg_used < dollar_arguments_count))
1225 {
1226 res->number_other--;
1227 res->number_dollar_extra_args++;
1228 }
1229 }
1230
1231
1232 /* Retrieve the specification for a format flag. SPEC contains the
1233 specifications for format flags for the applicable kind of format.
1234 FLAG is the flag in question. If PREDICATES is NULL, the basic
1235 spec for that flag must be retrieved and this function aborts if
1236 it cannot be found. If PREDICATES is not NULL, it is a string listing
1237 possible predicates for the spec entry; if an entry predicated on any
1238 of these is found, it is returned, otherwise NULL is returned. */
1239
1240 static const format_flag_spec *
1241 get_flag_spec (spec, flag, predicates)
1242 const format_flag_spec *spec;
1243 int flag;
1244 const char *predicates;
1245 {
1246 int i;
1247 for (i = 0; spec[i].flag_char != 0; i++)
1248 {
1249 if (spec[i].flag_char != flag)
1250 continue;
1251 if (predicates != NULL)
1252 {
1253 if (spec[i].predicate != 0
1254 && strchr (predicates, spec[i].predicate) != 0)
1255 return &spec[i];
1256 }
1257 else if (spec[i].predicate == 0)
1258 return &spec[i];
1259 }
1260 if (predicates == NULL)
1261 abort ();
1262 else
1263 return NULL;
1264 }
1265
1266
1267 /* Check the argument list of a call to printf, scanf, etc.
1268 INFO points to the function_format_info structure.
1269 PARAMS is the list of argument values. */
1270
1271 static void
1272 check_format_info (status, info, params)
1273 int *status;
1274 function_format_info *info;
1275 tree params;
1276 {
1277 format_check_context format_ctx;
1278 unsigned HOST_WIDE_INT arg_num;
1279 tree format_tree;
1280 format_check_results res;
1281 /* Skip to format argument. If the argument isn't available, there's
1282 no work for us to do; prototype checking will catch the problem. */
1283 for (arg_num = 1; ; ++arg_num)
1284 {
1285 if (params == 0)
1286 return;
1287 if (arg_num == info->format_num)
1288 break;
1289 params = TREE_CHAIN (params);
1290 }
1291 format_tree = TREE_VALUE (params);
1292 params = TREE_CHAIN (params);
1293 if (format_tree == 0)
1294 return;
1295
1296 res.number_non_literal = 0;
1297 res.number_extra_args = 0;
1298 res.number_dollar_extra_args = 0;
1299 res.number_wide = 0;
1300 res.number_empty = 0;
1301 res.number_unterminated = 0;
1302 res.number_other = 0;
1303
1304 format_ctx.res = &res;
1305 format_ctx.info = info;
1306 format_ctx.params = params;
1307 format_ctx.status = status;
1308
1309 check_function_arguments_recurse (check_format_arg, &format_ctx,
1310 format_tree, arg_num);
1311
1312 if (res.number_non_literal > 0)
1313 {
1314 /* Functions taking a va_list normally pass a non-literal format
1315 string. These functions typically are declared with
1316 first_arg_num == 0, so avoid warning in those cases. */
1317 if (!(format_types[info->format_type].flags & (int) FMT_FLAG_ARG_CONVERT))
1318 {
1319 /* For strftime-like formats, warn for not checking the format
1320 string; but there are no arguments to check. */
1321 if (warn_format_nonliteral)
1322 status_warning (status, "format not a string literal, format string not checked");
1323 }
1324 else if (info->first_arg_num != 0)
1325 {
1326 /* If there are no arguments for the format at all, we may have
1327 printf (foo) which is likely to be a security hole. */
1328 while (arg_num + 1 < info->first_arg_num)
1329 {
1330 if (params == 0)
1331 break;
1332 params = TREE_CHAIN (params);
1333 ++arg_num;
1334 }
1335 if (params == 0 && (warn_format_nonliteral || warn_format_security))
1336 status_warning (status, "format not a string literal and no format arguments");
1337 else if (warn_format_nonliteral)
1338 status_warning (status, "format not a string literal, argument types not checked");
1339 }
1340 }
1341
1342 /* If there were extra arguments to the format, normally warn. However,
1343 the standard does say extra arguments are ignored, so in the specific
1344 case where we have multiple leaves (conditional expressions or
1345 ngettext) allow extra arguments if at least one leaf didn't have extra
1346 arguments, but was otherwise OK (either non-literal or checked OK).
1347 If the format is an empty string, this should be counted similarly to the
1348 case of extra format arguments. */
1349 if (res.number_extra_args > 0 && res.number_non_literal == 0
1350 && res.number_other == 0 && warn_format_extra_args)
1351 status_warning (status, "too many arguments for format");
1352 if (res.number_dollar_extra_args > 0 && res.number_non_literal == 0
1353 && res.number_other == 0 && warn_format_extra_args)
1354 status_warning (status, "unused arguments in $-style format");
1355 if (res.number_empty > 0 && res.number_non_literal == 0
1356 && res.number_other == 0 && warn_format_zero_length)
1357 status_warning (status, "zero-length %s format string",
1358 format_types[info->format_type].name);
1359
1360 if (res.number_wide > 0)
1361 status_warning (status, "format is a wide character string");
1362
1363 if (res.number_unterminated > 0)
1364 status_warning (status, "unterminated format string");
1365 }
1366
1367 /* Callback from check_function_arguments_recurse to check a
1368 format string. FORMAT_TREE is the format parameter. ARG_NUM
1369 is the number of the format argument. CTX points to a
1370 format_check_context. */
1371
1372 static void
1373 check_format_arg (ctx, format_tree, arg_num)
1374 void *ctx;
1375 tree format_tree;
1376 unsigned HOST_WIDE_INT arg_num;
1377 {
1378 format_check_context *format_ctx = ctx;
1379 format_check_results *res = format_ctx->res;
1380 function_format_info *info = format_ctx->info;
1381 tree params = format_ctx->params;
1382 int *status = format_ctx->status;
1383
1384 int format_length;
1385 HOST_WIDE_INT offset;
1386 const char *format_chars;
1387 tree array_size = 0;
1388 tree array_init;
1389
1390 if (integer_zerop (format_tree))
1391 {
1392 /* Skip to first argument to check, so we can see if this format
1393 has any arguments (it shouldn't). */
1394 while (arg_num + 1 < info->first_arg_num)
1395 {
1396 if (params == 0)
1397 return;
1398 params = TREE_CHAIN (params);
1399 ++arg_num;
1400 }
1401
1402 if (params == 0)
1403 res->number_other++;
1404 else
1405 res->number_extra_args++;
1406
1407 return;
1408 }
1409
1410 offset = 0;
1411 if (TREE_CODE (format_tree) == PLUS_EXPR)
1412 {
1413 tree arg0, arg1;
1414
1415 arg0 = TREE_OPERAND (format_tree, 0);
1416 arg1 = TREE_OPERAND (format_tree, 1);
1417 STRIP_NOPS (arg0);
1418 STRIP_NOPS (arg1);
1419 if (TREE_CODE (arg1) == INTEGER_CST)
1420 format_tree = arg0;
1421 else if (TREE_CODE (arg0) == INTEGER_CST)
1422 {
1423 format_tree = arg1;
1424 arg1 = arg0;
1425 }
1426 else
1427 {
1428 res->number_non_literal++;
1429 return;
1430 }
1431 if (!host_integerp (arg1, 0)
1432 || (offset = tree_low_cst (arg1, 0)) < 0)
1433 {
1434 res->number_non_literal++;
1435 return;
1436 }
1437 }
1438 if (TREE_CODE (format_tree) != ADDR_EXPR)
1439 {
1440 res->number_non_literal++;
1441 return;
1442 }
1443 format_tree = TREE_OPERAND (format_tree, 0);
1444 if (TREE_CODE (format_tree) == VAR_DECL
1445 && TREE_CODE (TREE_TYPE (format_tree)) == ARRAY_TYPE
1446 && (array_init = decl_constant_value (format_tree)) != format_tree
1447 && TREE_CODE (array_init) == STRING_CST)
1448 {
1449 /* Extract the string constant initializer. Note that this may include
1450 a trailing NUL character that is not in the array (e.g.
1451 const char a[3] = "foo";). */
1452 array_size = DECL_SIZE_UNIT (format_tree);
1453 format_tree = array_init;
1454 }
1455 if (TREE_CODE (format_tree) != STRING_CST)
1456 {
1457 res->number_non_literal++;
1458 return;
1459 }
1460 if (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (format_tree))) != char_type_node)
1461 {
1462 res->number_wide++;
1463 return;
1464 }
1465 format_chars = TREE_STRING_POINTER (format_tree);
1466 format_length = TREE_STRING_LENGTH (format_tree);
1467 if (array_size != 0)
1468 {
1469 /* Variable length arrays can't be initialized. */
1470 if (TREE_CODE (array_size) != INTEGER_CST)
1471 abort ();
1472 if (host_integerp (array_size, 0))
1473 {
1474 HOST_WIDE_INT array_size_value = TREE_INT_CST_LOW (array_size);
1475 if (array_size_value > 0
1476 && array_size_value == (int) array_size_value
1477 && format_length > array_size_value)
1478 format_length = array_size_value;
1479 }
1480 }
1481 if (offset)
1482 {
1483 if (offset >= format_length)
1484 {
1485 res->number_non_literal++;
1486 return;
1487 }
1488 format_chars += offset;
1489 format_length -= offset;
1490 }
1491 if (format_length < 1)
1492 {
1493 res->number_unterminated++;
1494 return;
1495 }
1496 if (format_length == 1)
1497 {
1498 res->number_empty++;
1499 return;
1500 }
1501 if (format_chars[--format_length] != 0)
1502 {
1503 res->number_unterminated++;
1504 return;
1505 }
1506
1507 /* Skip to first argument to check. */
1508 while (arg_num + 1 < info->first_arg_num)
1509 {
1510 if (params == 0)
1511 return;
1512 params = TREE_CHAIN (params);
1513 ++arg_num;
1514 }
1515 /* Provisionally increment res->number_other; check_format_info_main
1516 will decrement it if it finds there are extra arguments, but this way
1517 need not adjust it for every return. */
1518 res->number_other++;
1519 check_format_info_main (status, res, info, format_chars, format_length,
1520 params, arg_num);
1521 }
1522
1523
1524 /* Do the main part of checking a call to a format function. FORMAT_CHARS
1525 is the NUL-terminated format string (which at this point may contain
1526 internal NUL characters); FORMAT_LENGTH is its length (excluding the
1527 terminating NUL character). ARG_NUM is one less than the number of
1528 the first format argument to check; PARAMS points to that format
1529 argument in the list of arguments. */
1530
1531 static void
1532 check_format_info_main (status, res, info, format_chars, format_length,
1533 params, arg_num)
1534 int *status;
1535 format_check_results *res;
1536 function_format_info *info;
1537 const char *format_chars;
1538 int format_length;
1539 tree params;
1540 unsigned HOST_WIDE_INT arg_num;
1541 {
1542 const char *orig_format_chars = format_chars;
1543 tree first_fillin_param = params;
1544
1545 const format_kind_info *fki = &format_types[info->format_type];
1546 const format_flag_spec *flag_specs = fki->flag_specs;
1547 const format_flag_pair *bad_flag_pairs = fki->bad_flag_pairs;
1548
1549 /* -1 if no conversions taking an operand have been found; 0 if one has
1550 and it didn't use $; 1 if $ formats are in use. */
1551 int has_operand_number = -1;
1552
1553 init_dollar_format_checking (info->first_arg_num, first_fillin_param);
1554
1555 while (1)
1556 {
1557 int i;
1558 int suppressed = FALSE;
1559 const char *length_chars = NULL;
1560 enum format_lengths length_chars_val = FMT_LEN_none;
1561 enum format_std_version length_chars_std = STD_C89;
1562 int format_char;
1563 tree cur_param;
1564 tree wanted_type;
1565 int main_arg_num = 0;
1566 tree main_arg_params = 0;
1567 enum format_std_version wanted_type_std;
1568 const char *wanted_type_name;
1569 format_wanted_type width_wanted_type;
1570 format_wanted_type precision_wanted_type;
1571 format_wanted_type main_wanted_type;
1572 format_wanted_type *first_wanted_type = NULL;
1573 format_wanted_type *last_wanted_type = NULL;
1574 const format_length_info *fli = NULL;
1575 const format_char_info *fci = NULL;
1576 char flag_chars[256];
1577 int aflag = 0;
1578 if (*format_chars == 0)
1579 {
1580 if (format_chars - orig_format_chars != format_length)
1581 status_warning (status, "embedded `\\0' in format");
1582 if (info->first_arg_num != 0 && params != 0
1583 && has_operand_number <= 0)
1584 {
1585 res->number_other--;
1586 res->number_extra_args++;
1587 }
1588 if (has_operand_number > 0)
1589 finish_dollar_format_checking (status, res, fki->flags & (int) FMT_FLAG_DOLLAR_GAP_POINTER_OK);
1590 return;
1591 }
1592 if (*format_chars++ != '%')
1593 continue;
1594 if (*format_chars == 0)
1595 {
1596 status_warning (status, "spurious trailing `%%' in format");
1597 continue;
1598 }
1599 if (*format_chars == '%')
1600 {
1601 ++format_chars;
1602 continue;
1603 }
1604 flag_chars[0] = 0;
1605
1606 if ((fki->flags & (int) FMT_FLAG_USE_DOLLAR) && has_operand_number != 0)
1607 {
1608 /* Possibly read a $ operand number at the start of the format.
1609 If one was previously used, one is required here. If one
1610 is not used here, we can't immediately conclude this is a
1611 format without them, since it could be printf %m or scanf %*. */
1612 int opnum;
1613 opnum = maybe_read_dollar_number (status, &format_chars, 0,
1614 first_fillin_param,
1615 &main_arg_params, fki);
1616 if (opnum == -1)
1617 return;
1618 else if (opnum > 0)
1619 {
1620 has_operand_number = 1;
1621 main_arg_num = opnum + info->first_arg_num - 1;
1622 }
1623 }
1624
1625 /* Read any format flags, but do not yet validate them beyond removing
1626 duplicates, since in general validation depends on the rest of
1627 the format. */
1628 while (*format_chars != 0
1629 && strchr (fki->flag_chars, *format_chars) != 0)
1630 {
1631 const format_flag_spec *s = get_flag_spec (flag_specs,
1632 *format_chars, NULL);
1633 if (strchr (flag_chars, *format_chars) != 0)
1634 {
1635 status_warning (status, "repeated %s in format", _(s->name));
1636 }
1637 else
1638 {
1639 i = strlen (flag_chars);
1640 flag_chars[i++] = *format_chars;
1641 flag_chars[i] = 0;
1642 }
1643 if (s->skip_next_char)
1644 {
1645 ++format_chars;
1646 if (*format_chars == 0)
1647 {
1648 status_warning (status, "missing fill character at end of strfmon format");
1649 return;
1650 }
1651 }
1652 ++format_chars;
1653 }
1654
1655 /* Read any format width, possibly * or *m$. */
1656 if (fki->width_char != 0)
1657 {
1658 if (fki->width_type != NULL && *format_chars == '*')
1659 {
1660 i = strlen (flag_chars);
1661 flag_chars[i++] = fki->width_char;
1662 flag_chars[i] = 0;
1663 /* "...a field width...may be indicated by an asterisk.
1664 In this case, an int argument supplies the field width..." */
1665 ++format_chars;
1666 if (has_operand_number != 0)
1667 {
1668 int opnum;
1669 opnum = maybe_read_dollar_number (status, &format_chars,
1670 has_operand_number == 1,
1671 first_fillin_param,
1672 &params, fki);
1673 if (opnum == -1)
1674 return;
1675 else if (opnum > 0)
1676 {
1677 has_operand_number = 1;
1678 arg_num = opnum + info->first_arg_num - 1;
1679 }
1680 else
1681 has_operand_number = 0;
1682 }
1683 if (info->first_arg_num != 0)
1684 {
1685 if (params == 0)
1686 {
1687 status_warning (status, "too few arguments for format");
1688 return;
1689 }
1690 cur_param = TREE_VALUE (params);
1691 if (has_operand_number <= 0)
1692 {
1693 params = TREE_CHAIN (params);
1694 ++arg_num;
1695 }
1696 width_wanted_type.wanted_type = *fki->width_type;
1697 width_wanted_type.wanted_type_name = NULL;
1698 width_wanted_type.pointer_count = 0;
1699 width_wanted_type.char_lenient_flag = 0;
1700 width_wanted_type.writing_in_flag = 0;
1701 width_wanted_type.reading_from_flag = 0;
1702 width_wanted_type.name = _("field width");
1703 width_wanted_type.param = cur_param;
1704 width_wanted_type.arg_num = arg_num;
1705 width_wanted_type.next = NULL;
1706 if (last_wanted_type != 0)
1707 last_wanted_type->next = &width_wanted_type;
1708 if (first_wanted_type == 0)
1709 first_wanted_type = &width_wanted_type;
1710 last_wanted_type = &width_wanted_type;
1711 }
1712 }
1713 else
1714 {
1715 /* Possibly read a numeric width. If the width is zero,
1716 we complain if appropriate. */
1717 int non_zero_width_char = FALSE;
1718 int found_width = FALSE;
1719 while (ISDIGIT (*format_chars))
1720 {
1721 found_width = TRUE;
1722 if (*format_chars != '0')
1723 non_zero_width_char = TRUE;
1724 ++format_chars;
1725 }
1726 if (found_width && !non_zero_width_char &&
1727 (fki->flags & (int) FMT_FLAG_ZERO_WIDTH_BAD))
1728 status_warning (status, "zero width in %s format",
1729 fki->name);
1730 if (found_width)
1731 {
1732 i = strlen (flag_chars);
1733 flag_chars[i++] = fki->width_char;
1734 flag_chars[i] = 0;
1735 }
1736 }
1737 }
1738
1739 /* Read any format left precision (must be a number, not *). */
1740 if (fki->left_precision_char != 0 && *format_chars == '#')
1741 {
1742 ++format_chars;
1743 i = strlen (flag_chars);
1744 flag_chars[i++] = fki->left_precision_char;
1745 flag_chars[i] = 0;
1746 if (!ISDIGIT (*format_chars))
1747 status_warning (status, "empty left precision in %s format",
1748 fki->name);
1749 while (ISDIGIT (*format_chars))
1750 ++format_chars;
1751 }
1752
1753 /* Read any format precision, possibly * or *m$. */
1754 if (fki->precision_char != 0 && *format_chars == '.')
1755 {
1756 ++format_chars;
1757 i = strlen (flag_chars);
1758 flag_chars[i++] = fki->precision_char;
1759 flag_chars[i] = 0;
1760 if (fki->precision_type != NULL && *format_chars == '*')
1761 {
1762 /* "...a...precision...may be indicated by an asterisk.
1763 In this case, an int argument supplies the...precision." */
1764 ++format_chars;
1765 if (has_operand_number != 0)
1766 {
1767 int opnum;
1768 opnum = maybe_read_dollar_number (status, &format_chars,
1769 has_operand_number == 1,
1770 first_fillin_param,
1771 &params, fki);
1772 if (opnum == -1)
1773 return;
1774 else if (opnum > 0)
1775 {
1776 has_operand_number = 1;
1777 arg_num = opnum + info->first_arg_num - 1;
1778 }
1779 else
1780 has_operand_number = 0;
1781 }
1782 if (info->first_arg_num != 0)
1783 {
1784 if (params == 0)
1785 {
1786 status_warning (status, "too few arguments for format");
1787 return;
1788 }
1789 cur_param = TREE_VALUE (params);
1790 if (has_operand_number <= 0)
1791 {
1792 params = TREE_CHAIN (params);
1793 ++arg_num;
1794 }
1795 precision_wanted_type.wanted_type = *fki->precision_type;
1796 precision_wanted_type.wanted_type_name = NULL;
1797 precision_wanted_type.pointer_count = 0;
1798 precision_wanted_type.char_lenient_flag = 0;
1799 precision_wanted_type.writing_in_flag = 0;
1800 precision_wanted_type.reading_from_flag = 0;
1801 precision_wanted_type.name = _("field precision");
1802 precision_wanted_type.param = cur_param;
1803 precision_wanted_type.arg_num = arg_num;
1804 precision_wanted_type.next = NULL;
1805 if (last_wanted_type != 0)
1806 last_wanted_type->next = &precision_wanted_type;
1807 if (first_wanted_type == 0)
1808 first_wanted_type = &precision_wanted_type;
1809 last_wanted_type = &precision_wanted_type;
1810 }
1811 }
1812 else
1813 {
1814 if (!(fki->flags & (int) FMT_FLAG_EMPTY_PREC_OK)
1815 && !ISDIGIT (*format_chars))
1816 status_warning (status, "empty precision in %s format",
1817 fki->name);
1818 while (ISDIGIT (*format_chars))
1819 ++format_chars;
1820 }
1821 }
1822
1823 /* Read any length modifier, if this kind of format has them. */
1824 fli = fki->length_char_specs;
1825 length_chars = NULL;
1826 length_chars_val = FMT_LEN_none;
1827 length_chars_std = STD_C89;
1828 if (fli)
1829 {
1830 while (fli->name != 0 && fli->name[0] != *format_chars)
1831 fli++;
1832 if (fli->name != 0)
1833 {
1834 format_chars++;
1835 if (fli->double_name != 0 && fli->name[0] == *format_chars)
1836 {
1837 format_chars++;
1838 length_chars = fli->double_name;
1839 length_chars_val = fli->double_index;
1840 length_chars_std = fli->double_std;
1841 }
1842 else
1843 {
1844 length_chars = fli->name;
1845 length_chars_val = fli->index;
1846 length_chars_std = fli->std;
1847 }
1848 i = strlen (flag_chars);
1849 flag_chars[i++] = fki->length_code_char;
1850 flag_chars[i] = 0;
1851 }
1852 if (pedantic)
1853 {
1854 /* Warn if the length modifier is non-standard. */
1855 if (ADJ_STD (length_chars_std) > C_STD_VER)
1856 status_warning (status, "%s does not support the `%s' %s length modifier",
1857 C_STD_NAME (length_chars_std), length_chars,
1858 fki->name);
1859 }
1860 }
1861
1862 /* Read any modifier (strftime E/O). */
1863 if (fki->modifier_chars != NULL)
1864 {
1865 while (*format_chars != 0
1866 && strchr (fki->modifier_chars, *format_chars) != 0)
1867 {
1868 if (strchr (flag_chars, *format_chars) != 0)
1869 {
1870 const format_flag_spec *s = get_flag_spec (flag_specs,
1871 *format_chars, NULL);
1872 status_warning (status, "repeated %s in format", _(s->name));
1873 }
1874 else
1875 {
1876 i = strlen (flag_chars);
1877 flag_chars[i++] = *format_chars;
1878 flag_chars[i] = 0;
1879 }
1880 ++format_chars;
1881 }
1882 }
1883
1884 /* Handle the scanf allocation kludge. */
1885 if (fki->flags & (int) FMT_FLAG_SCANF_A_KLUDGE)
1886 {
1887 if (*format_chars == 'a' && !flag_isoc99)
1888 {
1889 if (format_chars[1] == 's' || format_chars[1] == 'S'
1890 || format_chars[1] == '[')
1891 {
1892 /* `a' is used as a flag. */
1893 i = strlen (flag_chars);
1894 flag_chars[i++] = 'a';
1895 flag_chars[i] = 0;
1896 format_chars++;
1897 }
1898 }
1899 }
1900
1901 format_char = *format_chars;
1902 if (format_char == 0
1903 || (!(fki->flags & (int) FMT_FLAG_FANCY_PERCENT_OK)
1904 && format_char == '%'))
1905 {
1906 status_warning (status, "conversion lacks type at end of format");
1907 continue;
1908 }
1909 format_chars++;
1910 fci = fki->conversion_specs;
1911 while (fci->format_chars != 0
1912 && strchr (fci->format_chars, format_char) == 0)
1913 ++fci;
1914 if (fci->format_chars == 0)
1915 {
1916 if (ISGRAPH(format_char))
1917 status_warning (status, "unknown conversion type character `%c' in format",
1918 format_char);
1919 else
1920 status_warning (status, "unknown conversion type character 0x%x in format",
1921 format_char);
1922 continue;
1923 }
1924 if (pedantic)
1925 {
1926 if (ADJ_STD (fci->std) > C_STD_VER)
1927 status_warning (status, "%s does not support the `%%%c' %s format",
1928 C_STD_NAME (fci->std), format_char, fki->name);
1929 }
1930
1931 /* Validate the individual flags used, removing any that are invalid. */
1932 {
1933 int d = 0;
1934 for (i = 0; flag_chars[i] != 0; i++)
1935 {
1936 const format_flag_spec *s = get_flag_spec (flag_specs,
1937 flag_chars[i], NULL);
1938 flag_chars[i - d] = flag_chars[i];
1939 if (flag_chars[i] == fki->length_code_char)
1940 continue;
1941 if (strchr (fci->flag_chars, flag_chars[i]) == 0)
1942 {
1943 status_warning (status, "%s used with `%%%c' %s format",
1944 _(s->name), format_char, fki->name);
1945 d++;
1946 continue;
1947 }
1948 if (pedantic)
1949 {
1950 const format_flag_spec *t;
1951 if (ADJ_STD (s->std) > C_STD_VER)
1952 status_warning (status, "%s does not support %s",
1953 C_STD_NAME (s->std), _(s->long_name));
1954 t = get_flag_spec (flag_specs, flag_chars[i], fci->flags2);
1955 if (t != NULL && ADJ_STD (t->std) > ADJ_STD (s->std))
1956 {
1957 const char *long_name = (t->long_name != NULL
1958 ? t->long_name
1959 : s->long_name);
1960 if (ADJ_STD (t->std) > C_STD_VER)
1961 status_warning (status, "%s does not support %s with the `%%%c' %s format",
1962 C_STD_NAME (t->std), _(long_name),
1963 format_char, fki->name);
1964 }
1965 }
1966 }
1967 flag_chars[i - d] = 0;
1968 }
1969
1970 if ((fki->flags & (int) FMT_FLAG_SCANF_A_KLUDGE)
1971 && strchr (flag_chars, 'a') != 0)
1972 aflag = 1;
1973
1974 if (fki->suppression_char
1975 && strchr (flag_chars, fki->suppression_char) != 0)
1976 suppressed = 1;
1977
1978 /* Validate the pairs of flags used. */
1979 for (i = 0; bad_flag_pairs[i].flag_char1 != 0; i++)
1980 {
1981 const format_flag_spec *s, *t;
1982 if (strchr (flag_chars, bad_flag_pairs[i].flag_char1) == 0)
1983 continue;
1984 if (strchr (flag_chars, bad_flag_pairs[i].flag_char2) == 0)
1985 continue;
1986 if (bad_flag_pairs[i].predicate != 0
1987 && strchr (fci->flags2, bad_flag_pairs[i].predicate) == 0)
1988 continue;
1989 s = get_flag_spec (flag_specs, bad_flag_pairs[i].flag_char1, NULL);
1990 t = get_flag_spec (flag_specs, bad_flag_pairs[i].flag_char2, NULL);
1991 if (bad_flag_pairs[i].ignored)
1992 {
1993 if (bad_flag_pairs[i].predicate != 0)
1994 status_warning (status, "%s ignored with %s and `%%%c' %s format",
1995 _(s->name), _(t->name), format_char,
1996 fki->name);
1997 else
1998 status_warning (status, "%s ignored with %s in %s format",
1999 _(s->name), _(t->name), fki->name);
2000 }
2001 else
2002 {
2003 if (bad_flag_pairs[i].predicate != 0)
2004 status_warning (status, "use of %s and %s together with `%%%c' %s format",
2005 _(s->name), _(t->name), format_char,
2006 fki->name);
2007 else
2008 status_warning (status, "use of %s and %s together in %s format",
2009 _(s->name), _(t->name), fki->name);
2010 }
2011 }
2012
2013 /* Give Y2K warnings. */
2014 if (warn_format_y2k)
2015 {
2016 int y2k_level = 0;
2017 if (strchr (fci->flags2, '4') != 0)
2018 if (strchr (flag_chars, 'E') != 0)
2019 y2k_level = 3;
2020 else
2021 y2k_level = 2;
2022 else if (strchr (fci->flags2, '3') != 0)
2023 y2k_level = 3;
2024 else if (strchr (fci->flags2, '2') != 0)
2025 y2k_level = 2;
2026 if (y2k_level == 3)
2027 status_warning (status, "`%%%c' yields only last 2 digits of year in some locales",
2028 format_char);
2029 else if (y2k_level == 2)
2030 status_warning (status, "`%%%c' yields only last 2 digits of year", format_char);
2031 }
2032
2033 if (strchr (fci->flags2, '[') != 0)
2034 {
2035 /* Skip over scan set, in case it happens to have '%' in it. */
2036 if (*format_chars == '^')
2037 ++format_chars;
2038 /* Find closing bracket; if one is hit immediately, then
2039 it's part of the scan set rather than a terminator. */
2040 if (*format_chars == ']')
2041 ++format_chars;
2042 while (*format_chars && *format_chars != ']')
2043 ++format_chars;
2044 if (*format_chars != ']')
2045 /* The end of the format string was reached. */
2046 status_warning (status, "no closing `]' for `%%[' format");
2047 }
2048
2049 wanted_type = 0;
2050 wanted_type_name = 0;
2051 if (fki->flags & (int) FMT_FLAG_ARG_CONVERT)
2052 {
2053 wanted_type = (fci->types[length_chars_val].type
2054 ? *fci->types[length_chars_val].type : 0);
2055 wanted_type_name = fci->types[length_chars_val].name;
2056 wanted_type_std = fci->types[length_chars_val].std;
2057 if (wanted_type == 0)
2058 {
2059 status_warning (status, "use of `%s' length modifier with `%c' type character",
2060 length_chars, format_char);
2061 /* Heuristic: skip one argument when an invalid length/type
2062 combination is encountered. */
2063 arg_num++;
2064 if (params == 0)
2065 {
2066 status_warning (status, "too few arguments for format");
2067 return;
2068 }
2069 params = TREE_CHAIN (params);
2070 continue;
2071 }
2072 else if (pedantic
2073 /* Warn if non-standard, provided it is more non-standard
2074 than the length and type characters that may already
2075 have been warned for. */
2076 && ADJ_STD (wanted_type_std) > ADJ_STD (length_chars_std)
2077 && ADJ_STD (wanted_type_std) > ADJ_STD (fci->std))
2078 {
2079 if (ADJ_STD (wanted_type_std) > C_STD_VER)
2080 status_warning (status, "%s does not support the `%%%s%c' %s format",
2081 C_STD_NAME (wanted_type_std), length_chars,
2082 format_char, fki->name);
2083 }
2084 }
2085
2086 /* Finally. . .check type of argument against desired type! */
2087 if (info->first_arg_num == 0)
2088 continue;
2089 if ((fci->pointer_count == 0 && wanted_type == void_type_node)
2090 || suppressed)
2091 {
2092 if (main_arg_num != 0)
2093 {
2094 if (suppressed)
2095 status_warning (status, "operand number specified with suppressed assignment");
2096 else
2097 status_warning (status, "operand number specified for format taking no argument");
2098 }
2099 }
2100 else
2101 {
2102 if (main_arg_num != 0)
2103 {
2104 arg_num = main_arg_num;
2105 params = main_arg_params;
2106 }
2107 else
2108 {
2109 ++arg_num;
2110 if (has_operand_number > 0)
2111 {
2112 status_warning (status, "missing $ operand number in format");
2113 return;
2114 }
2115 else
2116 has_operand_number = 0;
2117 if (params == 0)
2118 {
2119 status_warning (status, "too few arguments for format");
2120 return;
2121 }
2122 }
2123 cur_param = TREE_VALUE (params);
2124 params = TREE_CHAIN (params);
2125 main_wanted_type.wanted_type = wanted_type;
2126 main_wanted_type.wanted_type_name = wanted_type_name;
2127 main_wanted_type.pointer_count = fci->pointer_count + aflag;
2128 main_wanted_type.char_lenient_flag = 0;
2129 if (strchr (fci->flags2, 'c') != 0)
2130 main_wanted_type.char_lenient_flag = 1;
2131 main_wanted_type.writing_in_flag = 0;
2132 main_wanted_type.reading_from_flag = 0;
2133 if (aflag)
2134 main_wanted_type.writing_in_flag = 1;
2135 else
2136 {
2137 if (strchr (fci->flags2, 'W') != 0)
2138 main_wanted_type.writing_in_flag = 1;
2139 if (strchr (fci->flags2, 'R') != 0)
2140 main_wanted_type.reading_from_flag = 1;
2141 }
2142 main_wanted_type.name = NULL;
2143 main_wanted_type.param = cur_param;
2144 main_wanted_type.arg_num = arg_num;
2145 main_wanted_type.next = NULL;
2146 if (last_wanted_type != 0)
2147 last_wanted_type->next = &main_wanted_type;
2148 if (first_wanted_type == 0)
2149 first_wanted_type = &main_wanted_type;
2150 last_wanted_type = &main_wanted_type;
2151 }
2152
2153 if (first_wanted_type != 0)
2154 check_format_types (status, first_wanted_type);
2155
2156 }
2157 }
2158
2159
2160 /* Check the argument types from a single format conversion (possibly
2161 including width and precision arguments). */
2162 static void
2163 check_format_types (status, types)
2164 int *status;
2165 format_wanted_type *types;
2166 {
2167 for (; types != 0; types = types->next)
2168 {
2169 tree cur_param;
2170 tree cur_type;
2171 tree orig_cur_type;
2172 tree wanted_type;
2173 int arg_num;
2174 int i;
2175 int char_type_flag;
2176 cur_param = types->param;
2177 cur_type = TREE_TYPE (cur_param);
2178 if (cur_type == error_mark_node)
2179 continue;
2180 char_type_flag = 0;
2181 wanted_type = types->wanted_type;
2182 arg_num = types->arg_num;
2183
2184 /* The following should not occur here. */
2185 if (wanted_type == 0)
2186 abort ();
2187 if (wanted_type == void_type_node && types->pointer_count == 0)
2188 abort ();
2189
2190 if (types->pointer_count == 0)
2191 wanted_type = (*lang_hooks.types.type_promotes_to) (wanted_type);
2192
2193 STRIP_NOPS (cur_param);
2194
2195 /* Check the types of any additional pointer arguments
2196 that precede the "real" argument. */
2197 for (i = 0; i < types->pointer_count; ++i)
2198 {
2199 if (TREE_CODE (cur_type) == POINTER_TYPE)
2200 {
2201 cur_type = TREE_TYPE (cur_type);
2202 if (cur_type == error_mark_node)
2203 break;
2204
2205 /* Check for writing through a NULL pointer. */
2206 if (types->writing_in_flag
2207 && i == 0
2208 && cur_param != 0
2209 && integer_zerop (cur_param))
2210 status_warning (status,
2211 "writing through null pointer (arg %d)",
2212 arg_num);
2213
2214 /* Check for reading through a NULL pointer. */
2215 if (types->reading_from_flag
2216 && i == 0
2217 && cur_param != 0
2218 && integer_zerop (cur_param))
2219 status_warning (status,
2220 "reading through null pointer (arg %d)",
2221 arg_num);
2222
2223 if (cur_param != 0 && TREE_CODE (cur_param) == ADDR_EXPR)
2224 cur_param = TREE_OPERAND (cur_param, 0);
2225 else
2226 cur_param = 0;
2227
2228 /* See if this is an attempt to write into a const type with
2229 scanf or with printf "%n". Note: the writing in happens
2230 at the first indirection only, if for example
2231 void * const * is passed to scanf %p; passing
2232 const void ** is simply passing an incompatible type. */
2233 if (types->writing_in_flag
2234 && i == 0
2235 && (TYPE_READONLY (cur_type)
2236 || (cur_param != 0
2237 && (TREE_CODE_CLASS (TREE_CODE (cur_param)) == 'c'
2238 || (DECL_P (cur_param)
2239 && TREE_READONLY (cur_param))))))
2240 status_warning (status, "writing into constant object (arg %d)", arg_num);
2241
2242 /* If there are extra type qualifiers beyond the first
2243 indirection, then this makes the types technically
2244 incompatible. */
2245 if (i > 0
2246 && pedantic
2247 && (TYPE_READONLY (cur_type)
2248 || TYPE_VOLATILE (cur_type)
2249 || TYPE_RESTRICT (cur_type)))
2250 status_warning (status, "extra type qualifiers in format argument (arg %d)",
2251 arg_num);
2252
2253 }
2254 else
2255 {
2256 if (types->pointer_count == 1)
2257 status_warning (status, "format argument is not a pointer (arg %d)", arg_num);
2258 else
2259 status_warning (status, "format argument is not a pointer to a pointer (arg %d)", arg_num);
2260 break;
2261 }
2262 }
2263
2264 if (i < types->pointer_count)
2265 continue;
2266
2267 orig_cur_type = cur_type;
2268 cur_type = TYPE_MAIN_VARIANT (cur_type);
2269
2270 /* Check whether the argument type is a character type. This leniency
2271 only applies to certain formats, flagged with 'c'.
2272 */
2273 if (types->char_lenient_flag)
2274 char_type_flag = (cur_type == char_type_node
2275 || cur_type == signed_char_type_node
2276 || cur_type == unsigned_char_type_node);
2277
2278 /* Check the type of the "real" argument, if there's a type we want. */
2279 if (wanted_type == cur_type)
2280 continue;
2281 /* If we want `void *', allow any pointer type.
2282 (Anything else would already have got a warning.)
2283 With -pedantic, only allow pointers to void and to character
2284 types. */
2285 if (wanted_type == void_type_node
2286 && (!pedantic || (i == 1 && char_type_flag)))
2287 continue;
2288 /* Don't warn about differences merely in signedness, unless
2289 -pedantic. With -pedantic, warn if the type is a pointer
2290 target and not a character type, and for character types at
2291 a second level of indirection. */
2292 if (TREE_CODE (wanted_type) == INTEGER_TYPE
2293 && TREE_CODE (cur_type) == INTEGER_TYPE
2294 && (! pedantic || i == 0 || (i == 1 && char_type_flag))
2295 && (TREE_UNSIGNED (wanted_type)
2296 ? wanted_type == c_common_unsigned_type (cur_type)
2297 : wanted_type == c_common_signed_type (cur_type)))
2298 continue;
2299 /* Likewise, "signed char", "unsigned char" and "char" are
2300 equivalent but the above test won't consider them equivalent. */
2301 if (wanted_type == char_type_node
2302 && (! pedantic || i < 2)
2303 && char_type_flag)
2304 continue;
2305 /* Now we have a type mismatch. */
2306 {
2307 const char *this;
2308 const char *that;
2309
2310 this = IDENTIFIER_POINTER (DECL_NAME (TYPE_NAME (wanted_type)));
2311 that = 0;
2312 if (TYPE_NAME (orig_cur_type) != 0
2313 && TREE_CODE (orig_cur_type) != INTEGER_TYPE
2314 && !(TREE_CODE (orig_cur_type) == POINTER_TYPE
2315 && TREE_CODE (TREE_TYPE (orig_cur_type)) == INTEGER_TYPE))
2316 {
2317 if (TREE_CODE (TYPE_NAME (orig_cur_type)) == TYPE_DECL
2318 && DECL_NAME (TYPE_NAME (orig_cur_type)) != 0)
2319 that = IDENTIFIER_POINTER (DECL_NAME (TYPE_NAME (orig_cur_type)));
2320 else
2321 that = IDENTIFIER_POINTER (TYPE_NAME (orig_cur_type));
2322 }
2323
2324 /* A nameless type can't possibly match what the format wants.
2325 So there will be a warning for it.
2326 Make up a string to describe vaguely what it is. */
2327 if (that == 0)
2328 {
2329 if (TREE_CODE (orig_cur_type) == POINTER_TYPE)
2330 that = _("pointer");
2331 else
2332 that = _("different type");
2333 }
2334
2335 /* Make the warning better in case of mismatch of int vs long. */
2336 if (TREE_CODE (orig_cur_type) == INTEGER_TYPE
2337 && TREE_CODE (wanted_type) == INTEGER_TYPE
2338 && TYPE_PRECISION (orig_cur_type) == TYPE_PRECISION (wanted_type)
2339 && TYPE_NAME (orig_cur_type) != 0
2340 && TREE_CODE (TYPE_NAME (orig_cur_type)) == TYPE_DECL)
2341 that = IDENTIFIER_POINTER (DECL_NAME (TYPE_NAME (orig_cur_type)));
2342
2343 if (strcmp (this, that) != 0)
2344 {
2345 /* There may be a better name for the format, e.g. size_t,
2346 but we should allow for programs with a perverse typedef
2347 making size_t something other than what the compiler
2348 thinks. */
2349 if (types->wanted_type_name != 0
2350 && strcmp (types->wanted_type_name, that) != 0)
2351 this = types->wanted_type_name;
2352 if (types->name != 0)
2353 status_warning (status, "%s is not type %s (arg %d)", types->name, this,
2354 arg_num);
2355 else
2356 status_warning (status, "%s format, %s arg (arg %d)", this, that, arg_num);
2357 }
2358 }
2359 }
2360 }
Mirror of the offical gcc git repository hosted at gcc.gnu.org