projects / gcc.git / blob
? search:


fd9b200398a9429a333c630d51d3afcf8e75b064
[gcc.git] / gcc / c-format.c
1 /* Check calls to formatted I/O functions (-Wformat).
2 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
3 2001, 2002, 2003 Free Software Foundation, Inc.
4
5 This file is part of GCC.
6
7 GCC is free software; you can redistribute it and/or modify it under
8 the terms of the GNU General Public License as published by the Free
9 Software Foundation; either version 2, or (at your option) any later
10 version.
11
12 GCC is distributed in the hope that it will be useful, but WITHOUT ANY
13 WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with GCC; see the file COPYING. If not, write to the Free
19 Software Foundation, 59 Temple Place - Suite 330, Boston, MA
20 02111-1307, USA. */
21
22 #include "config.h"
23 #include "system.h"
24 #include "coretypes.h"
25 #include "tm.h"
26 #include "tree.h"
27 #include "flags.h"
28 #include "toplev.h"
29 #include "c-common.h"
30 #include "intl.h"
31 #include "diagnostic.h"
32 #include "langhooks.h"
33 \f
34 /* Set format warning options according to a -Wformat=n option. */
35
36 void
37 set_Wformat (setting)
38 int setting;
39 {
40 warn_format = setting;
41 warn_format_y2k = setting;
42 warn_format_extra_args = setting;
43 warn_format_zero_length = setting;
44 if (setting != 1)
45 {
46 warn_format_nonliteral = setting;
47 warn_format_security = setting;
48 }
49 /* Make sure not to disable -Wnonnull if -Wformat=0 is specified. */
50 if (setting)
51 warn_nonnull = setting;
52 }
53
54 \f
55 /* Handle attributes associated with format checking. */
56
57 /* This must be in the same order as format_types, with format_type_error
58 last. */
59 enum format_type { printf_format_type, scanf_format_type,
60 strftime_format_type, strfmon_format_type,
61 format_type_error };
62
63 typedef struct function_format_info
64 {
65 enum format_type format_type; /* type of format (printf, scanf, etc.) */
66 unsigned HOST_WIDE_INT format_num; /* number of format argument */
67 unsigned HOST_WIDE_INT first_arg_num; /* number of first arg (zero for varargs) */
68 } function_format_info;
69
70 static bool decode_format_attr PARAMS ((tree,
71 function_format_info *, int));
72 static enum format_type decode_format_type PARAMS ((const char *));
73
74 /* Handle a "format" attribute; arguments as in
75 struct attribute_spec.handler. */
76 tree
77 handle_format_attribute (node, name, args, flags, no_add_attrs)
78 tree *node;
79 tree name ATTRIBUTE_UNUSED;
80 tree args;
81 int flags;
82 bool *no_add_attrs;
83 {
84 tree type = *node;
85 function_format_info info;
86 tree argument;
87 unsigned HOST_WIDE_INT arg_num;
88
89 if (!decode_format_attr (args, &info, 0))
90 {
91 *no_add_attrs = true;
92 return NULL_TREE;
93 }
94
95 /* If a parameter list is specified, verify that the format_num
96 argument is actually a string, in case the format attribute
97 is in error. */
98 argument = TYPE_ARG_TYPES (type);
99 if (argument)
100 {
101 for (arg_num = 1; argument != 0 && arg_num != info.format_num;
102 ++arg_num, argument = TREE_CHAIN (argument))
103 ;
104
105 if (! argument
106 || TREE_CODE (TREE_VALUE (argument)) != POINTER_TYPE
107 || (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_VALUE (argument)))
108 != char_type_node))
109 {
110 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
111 error ("format string arg not a string type");
112 *no_add_attrs = true;
113 return NULL_TREE;
114 }
115
116 else if (info.first_arg_num != 0)
117 {
118 /* Verify that first_arg_num points to the last arg,
119 the ... */
120 while (argument)
121 arg_num++, argument = TREE_CHAIN (argument);
122
123 if (arg_num != info.first_arg_num)
124 {
125 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
126 error ("args to be formatted is not '...'");
127 *no_add_attrs = true;
128 return NULL_TREE;
129 }
130 }
131 }
132
133 if (info.format_type == strftime_format_type && info.first_arg_num != 0)
134 {
135 error ("strftime formats cannot format arguments");
136 *no_add_attrs = true;
137 return NULL_TREE;
138 }
139
140 return NULL_TREE;
141 }
142
143
144 /* Handle a "format_arg" attribute; arguments as in
145 struct attribute_spec.handler. */
146 tree
147 handle_format_arg_attribute (node, name, args, flags, no_add_attrs)
148 tree *node;
149 tree name ATTRIBUTE_UNUSED;
150 tree args;
151 int flags;
152 bool *no_add_attrs;
153 {
154 tree type = *node;
155 tree format_num_expr = TREE_VALUE (args);
156 unsigned HOST_WIDE_INT format_num;
157 unsigned HOST_WIDE_INT arg_num;
158 tree argument;
159
160 /* Strip any conversions from the first arg number and verify it
161 is a constant. */
162 while (TREE_CODE (format_num_expr) == NOP_EXPR
163 || TREE_CODE (format_num_expr) == CONVERT_EXPR
164 || TREE_CODE (format_num_expr) == NON_LVALUE_EXPR)
165 format_num_expr = TREE_OPERAND (format_num_expr, 0);
166
167 if (TREE_CODE (format_num_expr) != INTEGER_CST
168 || TREE_INT_CST_HIGH (format_num_expr) != 0)
169 {
170 error ("format string has invalid operand number");
171 *no_add_attrs = true;
172 return NULL_TREE;
173 }
174
175 format_num = TREE_INT_CST_LOW (format_num_expr);
176
177 /* If a parameter list is specified, verify that the format_num
178 argument is actually a string, in case the format attribute
179 is in error. */
180 argument = TYPE_ARG_TYPES (type);
181 if (argument)
182 {
183 for (arg_num = 1; argument != 0 && arg_num != format_num;
184 ++arg_num, argument = TREE_CHAIN (argument))
185 ;
186
187 if (! argument
188 || TREE_CODE (TREE_VALUE (argument)) != POINTER_TYPE
189 || (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_VALUE (argument)))
190 != char_type_node))
191 {
192 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
193 error ("format string arg not a string type");
194 *no_add_attrs = true;
195 return NULL_TREE;
196 }
197 }
198
199 if (TREE_CODE (TREE_TYPE (type)) != POINTER_TYPE
200 || (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (type)))
201 != char_type_node))
202 {
203 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
204 error ("function does not return string type");
205 *no_add_attrs = true;
206 return NULL_TREE;
207 }
208
209 return NULL_TREE;
210 }
211
212
213 /* Decode the arguments to a "format" attribute into a function_format_info
214 structure. It is already known that the list is of the right length.
215 If VALIDATED_P is true, then these attributes have already been validated
216 and this function will abort if they are erroneous; if false, it
217 will give an error message. Returns true if the attributes are
218 successfully decoded, false otherwise. */
219
220 static bool
221 decode_format_attr (args, info, validated_p)
222 tree args;
223 function_format_info *info;
224 int validated_p;
225 {
226 tree format_type_id = TREE_VALUE (args);
227 tree format_num_expr = TREE_VALUE (TREE_CHAIN (args));
228 tree first_arg_num_expr
229 = TREE_VALUE (TREE_CHAIN (TREE_CHAIN (args)));
230
231 if (TREE_CODE (format_type_id) != IDENTIFIER_NODE)
232 {
233 if (validated_p)
234 abort ();
235 error ("unrecognized format specifier");
236 return false;
237 }
238 else
239 {
240 const char *p = IDENTIFIER_POINTER (format_type_id);
241
242 info->format_type = decode_format_type (p);
243
244 if (info->format_type == format_type_error)
245 {
246 if (validated_p)
247 abort ();
248 warning ("`%s' is an unrecognized format function type", p);
249 return false;
250 }
251 }
252
253 /* Strip any conversions from the string index and first arg number
254 and verify they are constants. */
255 while (TREE_CODE (format_num_expr) == NOP_EXPR
256 || TREE_CODE (format_num_expr) == CONVERT_EXPR
257 || TREE_CODE (format_num_expr) == NON_LVALUE_EXPR)
258 format_num_expr = TREE_OPERAND (format_num_expr, 0);
259
260 while (TREE_CODE (first_arg_num_expr) == NOP_EXPR
261 || TREE_CODE (first_arg_num_expr) == CONVERT_EXPR
262 || TREE_CODE (first_arg_num_expr) == NON_LVALUE_EXPR)
263 first_arg_num_expr = TREE_OPERAND (first_arg_num_expr, 0);
264
265 if (TREE_CODE (format_num_expr) != INTEGER_CST
266 || TREE_INT_CST_HIGH (format_num_expr) != 0
267 || TREE_CODE (first_arg_num_expr) != INTEGER_CST
268 || TREE_INT_CST_HIGH (first_arg_num_expr) != 0)
269 {
270 if (validated_p)
271 abort ();
272 error ("format string has invalid operand number");
273 return false;
274 }
275
276 info->format_num = TREE_INT_CST_LOW (format_num_expr);
277 info->first_arg_num = TREE_INT_CST_LOW (first_arg_num_expr);
278 if (info->first_arg_num != 0 && info->first_arg_num <= info->format_num)
279 {
280 if (validated_p)
281 abort ();
282 error ("format string arg follows the args to be formatted");
283 return false;
284 }
285
286 return true;
287 }
288 \f
289 /* Check a call to a format function against a parameter list. */
290
291 /* The meaningfully distinct length modifiers for format checking recognized
292 by GCC. */
293 enum format_lengths
294 {
295 FMT_LEN_none,
296 FMT_LEN_hh,
297 FMT_LEN_h,
298 FMT_LEN_l,
299 FMT_LEN_ll,
300 FMT_LEN_L,
301 FMT_LEN_z,
302 FMT_LEN_t,
303 FMT_LEN_j,
304 FMT_LEN_MAX
305 };
306
307
308 /* The standard versions in which various format features appeared. */
309 enum format_std_version
310 {
311 STD_C89,
312 STD_C94,
313 STD_C9L, /* C99, but treat as C89 if -Wno-long-long. */
314 STD_C99,
315 STD_EXT
316 };
317
318 /* The C standard version C++ is treated as equivalent to
319 or inheriting from, for the purpose of format features supported. */
320 #define CPLUSPLUS_STD_VER STD_C94
321 /* The C standard version we are checking formats against when pedantic. */
322 #define C_STD_VER ((int)(c_language == clk_cplusplus \
323 ? CPLUSPLUS_STD_VER \
324 : (flag_isoc99 \
325 ? STD_C99 \
326 : (flag_isoc94 ? STD_C94 : STD_C89))))
327 /* The name to give to the standard version we are warning about when
328 pedantic. FEATURE_VER is the version in which the feature warned out
329 appeared, which is higher than C_STD_VER. */
330 #define C_STD_NAME(FEATURE_VER) (c_language == clk_cplusplus \
331 ? "ISO C++" \
332 : ((FEATURE_VER) == STD_EXT \
333 ? "ISO C" \
334 : "ISO C90"))
335 /* Adjust a C standard version, which may be STD_C9L, to account for
336 -Wno-long-long. Returns other standard versions unchanged. */
337 #define ADJ_STD(VER) ((int)((VER) == STD_C9L \
338 ? (warn_long_long ? STD_C99 : STD_C89) \
339 : (VER)))
340
341 /* Flags that may apply to a particular kind of format checked by GCC. */
342 enum
343 {
344 /* This format converts arguments of types determined by the
345 format string. */
346 FMT_FLAG_ARG_CONVERT = 1,
347 /* The scanf allocation 'a' kludge applies to this format kind. */
348 FMT_FLAG_SCANF_A_KLUDGE = 2,
349 /* A % during parsing a specifier is allowed to be a modified % rather
350 that indicating the format is broken and we are out-of-sync. */
351 FMT_FLAG_FANCY_PERCENT_OK = 4,
352 /* With $ operand numbers, it is OK to reference the same argument more
353 than once. */
354 FMT_FLAG_DOLLAR_MULTIPLE = 8,
355 /* This format type uses $ operand numbers (strfmon doesn't). */
356 FMT_FLAG_USE_DOLLAR = 16,
357 /* Zero width is bad in this type of format (scanf). */
358 FMT_FLAG_ZERO_WIDTH_BAD = 32,
359 /* Empty precision specification is OK in this type of format (printf). */
360 FMT_FLAG_EMPTY_PREC_OK = 64,
361 /* Gaps are allowed in the arguments with $ operand numbers if all
362 arguments are pointers (scanf). */
363 FMT_FLAG_DOLLAR_GAP_POINTER_OK = 128
364 /* Not included here: details of whether width or precision may occur
365 (controlled by width_char and precision_char); details of whether
366 '*' can be used for these (width_type and precision_type); details
367 of whether length modifiers can occur (length_char_specs). */
368 };
369
370
371 /* Structure describing a length modifier supported in format checking, and
372 possibly a doubled version such as "hh". */
373 typedef struct
374 {
375 /* Name of the single-character length modifier. */
376 const char *const name;
377 /* Index into a format_char_info.types array. */
378 const enum format_lengths index;
379 /* Standard version this length appears in. */
380 const enum format_std_version std;
381 /* Same, if the modifier can be repeated, or NULL if it can't. */
382 const char *const double_name;
383 const enum format_lengths double_index;
384 const enum format_std_version double_std;
385 } format_length_info;
386
387
388 /* Structure describing the combination of a conversion specifier
389 (or a set of specifiers which act identically) and a length modifier. */
390 typedef struct
391 {
392 /* The standard version this combination of length and type appeared in.
393 This is only relevant if greater than those for length and type
394 individually; otherwise it is ignored. */
395 enum format_std_version std;
396 /* The name to use for the type, if different from that generated internally
397 (e.g., "signed size_t"). */
398 const char *name;
399 /* The type itself. */
400 tree *type;
401 } format_type_detail;
402
403
404 /* Macros to fill out tables of these. */
405 #define BADLEN { 0, NULL, NULL }
406 #define NOLENGTHS { BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }
407
408
409 /* Structure describing a format conversion specifier (or a set of specifiers
410 which act identically), and the length modifiers used with it. */
411 typedef struct
412 {
413 const char *const format_chars;
414 const int pointer_count;
415 const enum format_std_version std;
416 /* Types accepted for each length modifier. */
417 const format_type_detail types[FMT_LEN_MAX];
418 /* List of other modifier characters allowed with these specifiers.
419 This lists flags, and additionally "w" for width, "p" for precision
420 (right precision, for strfmon), "#" for left precision (strfmon),
421 "a" for scanf "a" allocation extension (not applicable in C99 mode),
422 "*" for scanf suppression, and "E" and "O" for those strftime
423 modifiers. */
424 const char *const flag_chars;
425 /* List of additional flags describing these conversion specifiers.
426 "c" for generic character pointers being allowed, "2" for strftime
427 two digit year formats, "3" for strftime formats giving two digit
428 years in some locales, "4" for "2" which becomes "3" with an "E" modifier,
429 "o" if use of strftime "O" is a GNU extension beyond C99,
430 "W" if the argument is a pointer which is dereferenced and written into,
431 "R" if the argument is a pointer which is dereferenced and read from,
432 "i" for printf integer formats where the '0' flag is ignored with
433 precision, and "[" for the starting character of a scanf scanset. */
434 const char *const flags2;
435 } format_char_info;
436
437
438 /* Structure describing a flag accepted by some kind of format. */
439 typedef struct
440 {
441 /* The flag character in question (0 for end of array). */
442 const int flag_char;
443 /* Zero if this entry describes the flag character in general, or a
444 nonzero character that may be found in flags2 if it describes the
445 flag when used with certain formats only. If the latter, only
446 the first such entry found that applies to the current conversion
447 specifier is used; the values of `name' and `long_name' it supplies
448 will be used, if non-NULL and the standard version is higher than
449 the unpredicated one, for any pedantic warning. For example, 'o'
450 for strftime formats (meaning 'O' is an extension over C99). */
451 const int predicate;
452 /* Nonzero if the next character after this flag in the format should
453 be skipped ('=' in strfmon), zero otherwise. */
454 const int skip_next_char;
455 /* The name to use for this flag in diagnostic messages. For example,
456 N_("`0' flag"), N_("field width"). */
457 const char *const name;
458 /* Long name for this flag in diagnostic messages; currently only used for
459 "ISO C does not support ...". For example, N_("the `I' printf flag"). */
460 const char *const long_name;
461 /* The standard version in which it appeared. */
462 const enum format_std_version std;
463 } format_flag_spec;
464
465
466 /* Structure describing a combination of flags that is bad for some kind
467 of format. */
468 typedef struct
469 {
470 /* The first flag character in question (0 for end of array). */
471 const int flag_char1;
472 /* The second flag character. */
473 const int flag_char2;
474 /* Nonzero if the message should say that the first flag is ignored with
475 the second, zero if the combination should simply be objected to. */
476 const int ignored;
477 /* Zero if this entry applies whenever this flag combination occurs,
478 a nonzero character from flags2 if it only applies in some
479 circumstances (e.g. 'i' for printf formats ignoring 0 with precision). */
480 const int predicate;
481 } format_flag_pair;
482
483
484 /* Structure describing a particular kind of format processed by GCC. */
485 typedef struct
486 {
487 /* The name of this kind of format, for use in diagnostics. Also
488 the name of the attribute (without preceding and following __). */
489 const char *const name;
490 /* Specifications of the length modifiers accepted; possibly NULL. */
491 const format_length_info *const length_char_specs;
492 /* Details of the conversion specification characters accepted. */
493 const format_char_info *const conversion_specs;
494 /* String listing the flag characters that are accepted. */
495 const char *const flag_chars;
496 /* String listing modifier characters (strftime) accepted. May be NULL. */
497 const char *const modifier_chars;
498 /* Details of the flag characters, including pseudo-flags. */
499 const format_flag_spec *const flag_specs;
500 /* Details of bad combinations of flags. */
501 const format_flag_pair *const bad_flag_pairs;
502 /* Flags applicable to this kind of format. */
503 const int flags;
504 /* Flag character to treat a width as, or 0 if width not used. */
505 const int width_char;
506 /* Flag character to treat a left precision (strfmon) as,
507 or 0 if left precision not used. */
508 const int left_precision_char;
509 /* Flag character to treat a precision (for strfmon, right precision) as,
510 or 0 if precision not used. */
511 const int precision_char;
512 /* If a flag character has the effect of suppressing the conversion of
513 an argument ('*' in scanf), that flag character, otherwise 0. */
514 const int suppression_char;
515 /* Flag character to treat a length modifier as (ignored if length
516 modifiers not used). Need not be placed in flag_chars for conversion
517 specifiers, but is used to check for bad combinations such as length
518 modifier with assignment suppression in scanf. */
519 const int length_code_char;
520 /* Pointer to type of argument expected if '*' is used for a width,
521 or NULL if '*' not used for widths. */
522 tree *const width_type;
523 /* Pointer to type of argument expected if '*' is used for a precision,
524 or NULL if '*' not used for precisions. */
525 tree *const precision_type;
526 } format_kind_info;
527
528
529 /* Structure describing details of a type expected in format checking,
530 and the type to check against it. */
531 typedef struct format_wanted_type
532 {
533 /* The type wanted. */
534 tree wanted_type;
535 /* The name of this type to use in diagnostics. */
536 const char *wanted_type_name;
537 /* The level of indirection through pointers at which this type occurs. */
538 int pointer_count;
539 /* Whether, when pointer_count is 1, to allow any character type when
540 pedantic, rather than just the character or void type specified. */
541 int char_lenient_flag;
542 /* Whether the argument, dereferenced once, is written into and so the
543 argument must not be a pointer to a const-qualified type. */
544 int writing_in_flag;
545 /* Whether the argument, dereferenced once, is read from and so
546 must not be a NULL pointer. */
547 int reading_from_flag;
548 /* If warnings should be of the form "field precision is not type int",
549 the name to use (in this case "field precision"), otherwise NULL,
550 for "%s format, %s arg" type messages. If (in an extension), this
551 is a pointer type, wanted_type_name should be set to include the
552 terminating '*' characters of the type name to give a correct
553 message. */
554 const char *name;
555 /* The actual parameter to check against the wanted type. */
556 tree param;
557 /* The argument number of that parameter. */
558 int arg_num;
559 /* The next type to check for this format conversion, or NULL if none. */
560 struct format_wanted_type *next;
561 } format_wanted_type;
562
563
564 static const format_length_info printf_length_specs[] =
565 {
566 { "h", FMT_LEN_h, STD_C89, "hh", FMT_LEN_hh, STD_C99 },
567 { "l", FMT_LEN_l, STD_C89, "ll", FMT_LEN_ll, STD_C9L },
568 { "q", FMT_LEN_ll, STD_EXT, NULL, 0, 0 },
569 { "L", FMT_LEN_L, STD_C89, NULL, 0, 0 },
570 { "z", FMT_LEN_z, STD_C99, NULL, 0, 0 },
571 { "Z", FMT_LEN_z, STD_EXT, NULL, 0, 0 },
572 { "t", FMT_LEN_t, STD_C99, NULL, 0, 0 },
573 { "j", FMT_LEN_j, STD_C99, NULL, 0, 0 },
574 { NULL, 0, 0, NULL, 0, 0 }
575 };
576
577
578 /* This differs from printf_length_specs only in that "Z" is not accepted. */
579 static const format_length_info scanf_length_specs[] =
580 {
581 { "h", FMT_LEN_h, STD_C89, "hh", FMT_LEN_hh, STD_C99 },
582 { "l", FMT_LEN_l, STD_C89, "ll", FMT_LEN_ll, STD_C9L },
583 { "q", FMT_LEN_ll, STD_EXT, NULL, 0, 0 },
584 { "L", FMT_LEN_L, STD_C89, NULL, 0, 0 },
585 { "z", FMT_LEN_z, STD_C99, NULL, 0, 0 },
586 { "t", FMT_LEN_t, STD_C99, NULL, 0, 0 },
587 { "j", FMT_LEN_j, STD_C99, NULL, 0, 0 },
588 { NULL, 0, 0, NULL, 0, 0 }
589 };
590
591
592 /* All tables for strfmon use STD_C89 everywhere, since -pedantic warnings
593 make no sense for a format type not part of any C standard version. */
594 static const format_length_info strfmon_length_specs[] =
595 {
596 /* A GNU extension. */
597 { "L", FMT_LEN_L, STD_C89, NULL, 0, 0 },
598 { NULL, 0, 0, NULL, 0, 0 }
599 };
600
601 static const format_flag_spec printf_flag_specs[] =
602 {
603 { ' ', 0, 0, N_("` ' flag"), N_("the ` ' printf flag"), STD_C89 },
604 { '+', 0, 0, N_("`+' flag"), N_("the `+' printf flag"), STD_C89 },
605 { '#', 0, 0, N_("`#' flag"), N_("the `#' printf flag"), STD_C89 },
606 { '0', 0, 0, N_("`0' flag"), N_("the `0' printf flag"), STD_C89 },
607 { '-', 0, 0, N_("`-' flag"), N_("the `-' printf flag"), STD_C89 },
608 { '\'', 0, 0, N_("`'' flag"), N_("the `'' printf flag"), STD_EXT },
609 { 'I', 0, 0, N_("`I' flag"), N_("the `I' printf flag"), STD_EXT },
610 { 'w', 0, 0, N_("field width"), N_("field width in printf format"), STD_C89 },
611 { 'p', 0, 0, N_("precision"), N_("precision in printf format"), STD_C89 },
612 { 'L', 0, 0, N_("length modifier"), N_("length modifier in printf format"), STD_C89 },
613 { 0, 0, 0, NULL, NULL, 0 }
614 };
615
616
617 static const format_flag_pair printf_flag_pairs[] =
618 {
619 { ' ', '+', 1, 0 },
620 { '0', '-', 1, 0 },
621 { '0', 'p', 1, 'i' },
622 { 0, 0, 0, 0 }
623 };
624
625
626 static const format_flag_spec scanf_flag_specs[] =
627 {
628 { '*', 0, 0, N_("assignment suppression"), N_("the assignment suppression scanf feature"), STD_C89 },
629 { 'a', 0, 0, N_("`a' flag"), N_("the `a' scanf flag"), STD_EXT },
630 { 'w', 0, 0, N_("field width"), N_("field width in scanf format"), STD_C89 },
631 { 'L', 0, 0, N_("length modifier"), N_("length modifier in scanf format"), STD_C89 },
632 { '\'', 0, 0, N_("`'' flag"), N_("the `'' scanf flag"), STD_EXT },
633 { 'I', 0, 0, N_("`I' flag"), N_("the `I' scanf flag"), STD_EXT },
634 { 0, 0, 0, NULL, NULL, 0 }
635 };
636
637
638 static const format_flag_pair scanf_flag_pairs[] =
639 {
640 { '*', 'L', 0, 0 },
641 { 0, 0, 0, 0 }
642 };
643
644
645 static const format_flag_spec strftime_flag_specs[] =
646 {
647 { '_', 0, 0, N_("`_' flag"), N_("the `_' strftime flag"), STD_EXT },
648 { '-', 0, 0, N_("`-' flag"), N_("the `-' strftime flag"), STD_EXT },
649 { '0', 0, 0, N_("`0' flag"), N_("the `0' strftime flag"), STD_EXT },
650 { '^', 0, 0, N_("`^' flag"), N_("the `^' strftime flag"), STD_EXT },
651 { '#', 0, 0, N_("`#' flag"), N_("the `#' strftime flag"), STD_EXT },
652 { 'w', 0, 0, N_("field width"), N_("field width in strftime format"), STD_EXT },
653 { 'E', 0, 0, N_("`E' modifier"), N_("the `E' strftime modifier"), STD_C99 },
654 { 'O', 0, 0, N_("`O' modifier"), N_("the `O' strftime modifier"), STD_C99 },
655 { 'O', 'o', 0, NULL, N_("the `O' modifier"), STD_EXT },
656 { 0, 0, 0, NULL, NULL, 0 }
657 };
658
659
660 static const format_flag_pair strftime_flag_pairs[] =
661 {
662 { 'E', 'O', 0, 0 },
663 { '_', '-', 0, 0 },
664 { '_', '0', 0, 0 },
665 { '-', '0', 0, 0 },
666 { '^', '#', 0, 0 },
667 { 0, 0, 0, 0 }
668 };
669
670
671 static const format_flag_spec strfmon_flag_specs[] =
672 {
673 { '=', 0, 1, N_("fill character"), N_("fill character in strfmon format"), STD_C89 },
674 { '^', 0, 0, N_("`^' flag"), N_("the `^' strfmon flag"), STD_C89 },
675 { '+', 0, 0, N_("`+' flag"), N_("the `+' strfmon flag"), STD_C89 },
676 { '(', 0, 0, N_("`(' flag"), N_("the `(' strfmon flag"), STD_C89 },
677 { '!', 0, 0, N_("`!' flag"), N_("the `!' strfmon flag"), STD_C89 },
678 { '-', 0, 0, N_("`-' flag"), N_("the `-' strfmon flag"), STD_C89 },
679 { 'w', 0, 0, N_("field width"), N_("field width in strfmon format"), STD_C89 },
680 { '#', 0, 0, N_("left precision"), N_("left precision in strfmon format"), STD_C89 },
681 { 'p', 0, 0, N_("right precision"), N_("right precision in strfmon format"), STD_C89 },
682 { 'L', 0, 0, N_("length modifier"), N_("length modifier in strfmon format"), STD_C89 },
683 { 0, 0, 0, NULL, NULL, 0 }
684 };
685
686 static const format_flag_pair strfmon_flag_pairs[] =
687 {
688 { '+', '(', 0, 0 },
689 { 0, 0, 0, 0 }
690 };
691
692
693 #define T_I &integer_type_node
694 #define T89_I { STD_C89, NULL, T_I }
695 #define T_L &long_integer_type_node
696 #define T89_L { STD_C89, NULL, T_L }
697 #define T_LL &long_long_integer_type_node
698 #define T9L_LL { STD_C9L, NULL, T_LL }
699 #define TEX_LL { STD_EXT, NULL, T_LL }
700 #define T_S &short_integer_type_node
701 #define T89_S { STD_C89, NULL, T_S }
702 #define T_UI &unsigned_type_node
703 #define T89_UI { STD_C89, NULL, T_UI }
704 #define T_UL &long_unsigned_type_node
705 #define T89_UL { STD_C89, NULL, T_UL }
706 #define T_ULL &long_long_unsigned_type_node
707 #define T9L_ULL { STD_C9L, NULL, T_ULL }
708 #define TEX_ULL { STD_EXT, NULL, T_ULL }
709 #define T_US &short_unsigned_type_node
710 #define T89_US { STD_C89, NULL, T_US }
711 #define T_F &float_type_node
712 #define T89_F { STD_C89, NULL, T_F }
713 #define T99_F { STD_C99, NULL, T_F }
714 #define T_D &double_type_node
715 #define T89_D { STD_C89, NULL, T_D }
716 #define T99_D { STD_C99, NULL, T_D }
717 #define T_LD &long_double_type_node
718 #define T89_LD { STD_C89, NULL, T_LD }
719 #define T99_LD { STD_C99, NULL, T_LD }
720 #define T_C &char_type_node
721 #define T89_C { STD_C89, NULL, T_C }
722 #define T_SC &signed_char_type_node
723 #define T99_SC { STD_C99, NULL, T_SC }
724 #define T_UC &unsigned_char_type_node
725 #define T99_UC { STD_C99, NULL, T_UC }
726 #define T_V &void_type_node
727 #define T89_V { STD_C89, NULL, T_V }
728 #define T_W &wchar_type_node
729 #define T94_W { STD_C94, "wchar_t", T_W }
730 #define TEX_W { STD_EXT, "wchar_t", T_W }
731 #define T_WI &wint_type_node
732 #define T94_WI { STD_C94, "wint_t", T_WI }
733 #define TEX_WI { STD_EXT, "wint_t", T_WI }
734 #define T_ST &size_type_node
735 #define T99_ST { STD_C99, "size_t", T_ST }
736 #define T_SST &signed_size_type_node
737 #define T99_SST { STD_C99, "signed size_t", T_SST }
738 #define T_PD &ptrdiff_type_node
739 #define T99_PD { STD_C99, "ptrdiff_t", T_PD }
740 #define T_UPD &unsigned_ptrdiff_type_node
741 #define T99_UPD { STD_C99, "unsigned ptrdiff_t", T_UPD }
742 #define T_IM &intmax_type_node
743 #define T99_IM { STD_C99, "intmax_t", T_IM }
744 #define T_UIM &uintmax_type_node
745 #define T99_UIM { STD_C99, "uintmax_t", T_UIM }
746
747 static const format_char_info print_char_table[] =
748 {
749 /* C89 conversion specifiers. */
750 { "di", 0, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, TEX_LL, T99_SST, T99_PD, T99_IM }, "-wp0 +'I", "i" },
751 { "oxX", 0, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "-wp0#", "i" },
752 { "u", 0, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "-wp0'I", "i" },
753 { "fgG", 0, STD_C89, { T89_D, BADLEN, BADLEN, T99_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#'", "" },
754 { "eE", 0, STD_C89, { T89_D, BADLEN, BADLEN, T99_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#", "" },
755 { "c", 0, STD_C89, { T89_I, BADLEN, BADLEN, T94_WI, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "" },
756 { "s", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "cR" },
757 { "p", 1, STD_C89, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "c" },
758 { "n", 1, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, BADLEN, T99_SST, T99_PD, T99_IM }, "", "W" },
759 /* C99 conversion specifiers. */
760 { "F", 0, STD_C99, { T99_D, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#'", "" },
761 { "aA", 0, STD_C99, { T99_D, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN }, "-wp0 +#", "" },
762 /* X/Open conversion specifiers. */
763 { "C", 0, STD_EXT, { TEX_WI, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "" },
764 { "S", 1, STD_EXT, { TEX_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "R" },
765 /* GNU conversion specifiers. */
766 { "m", 0, STD_EXT, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "" },
767 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
768 };
769
770 static const format_char_info scan_char_table[] =
771 {
772 /* C89 conversion specifiers. */
773 { "di", 1, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, TEX_LL, T99_SST, T99_PD, T99_IM }, "*w'I", "W" },
774 { "u", 1, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "*w'I", "W" },
775 { "oxX", 1, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_ULL, T99_ST, T99_UPD, T99_UIM }, "*w", "W" },
776 { "efgEG", 1, STD_C89, { T89_F, BADLEN, BADLEN, T89_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "*w'", "W" },
777 { "c", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*w", "cW" },
778 { "s", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*aw", "cW" },
779 { "[", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*aw", "cW[" },
780 { "p", 2, STD_C89, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*w", "W" },
781 { "n", 1, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, BADLEN, T99_SST, T99_PD, T99_IM }, "", "W" },
782 /* C99 conversion specifiers. */
783 { "FaA", 1, STD_C99, { T99_F, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN }, "*w'", "W" },
784 /* X/Open conversion specifiers. */
785 { "C", 1, STD_EXT, { TEX_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*w", "W" },
786 { "S", 1, STD_EXT, { TEX_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "*aw", "W" },
787 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
788 };
789
790 static const format_char_info time_char_table[] =
791 {
792 /* C89 conversion specifiers. */
793 { "ABZab", 0, STD_C89, NOLENGTHS, "^#", "" },
794 { "cx", 0, STD_C89, NOLENGTHS, "E", "3" },
795 { "HIMSUWdmw", 0, STD_C89, NOLENGTHS, "-_0Ow", "" },
796 { "j", 0, STD_C89, NOLENGTHS, "-_0Ow", "o" },
797 { "p", 0, STD_C89, NOLENGTHS, "#", "" },
798 { "X", 0, STD_C89, NOLENGTHS, "E", "" },
799 { "y", 0, STD_C89, NOLENGTHS, "EO-_0w", "4" },
800 { "Y", 0, STD_C89, NOLENGTHS, "-_0EOw", "o" },
801 { "%", 0, STD_C89, NOLENGTHS, "", "" },
802 /* C99 conversion specifiers. */
803 { "C", 0, STD_C99, NOLENGTHS, "-_0EOw", "o" },
804 { "D", 0, STD_C99, NOLENGTHS, "", "2" },
805 { "eVu", 0, STD_C99, NOLENGTHS, "-_0Ow", "" },
806 { "FRTnrt", 0, STD_C99, NOLENGTHS, "", "" },
807 { "g", 0, STD_C99, NOLENGTHS, "O-_0w", "2o" },
808 { "G", 0, STD_C99, NOLENGTHS, "-_0Ow", "o" },
809 { "h", 0, STD_C99, NOLENGTHS, "^#", "" },
810 { "z", 0, STD_C99, NOLENGTHS, "O", "o" },
811 /* GNU conversion specifiers. */
812 { "kls", 0, STD_EXT, NOLENGTHS, "-_0Ow", "" },
813 { "P", 0, STD_EXT, NOLENGTHS, "", "" },
814 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
815 };
816
817 static const format_char_info monetary_char_table[] =
818 {
819 { "in", 0, STD_C89, { T89_D, BADLEN, BADLEN, BADLEN, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN }, "=^+(!-w#p", "" },
820 { NULL, 0, 0, NOLENGTHS, NULL, NULL }
821 };
822
823
824 /* This must be in the same order as enum format_type. */
825 static const format_kind_info format_types[] =
826 {
827 { "printf", printf_length_specs, print_char_table, " +#0-'I", NULL,
828 printf_flag_specs, printf_flag_pairs,
829 FMT_FLAG_ARG_CONVERT|FMT_FLAG_DOLLAR_MULTIPLE|FMT_FLAG_USE_DOLLAR|FMT_FLAG_EMPTY_PREC_OK,
830 'w', 0, 'p', 0, 'L',
831 &integer_type_node, &integer_type_node
832 },
833 { "scanf", scanf_length_specs, scan_char_table, "*'I", NULL,
834 scanf_flag_specs, scanf_flag_pairs,
835 FMT_FLAG_ARG_CONVERT|FMT_FLAG_SCANF_A_KLUDGE|FMT_FLAG_USE_DOLLAR|FMT_FLAG_ZERO_WIDTH_BAD|FMT_FLAG_DOLLAR_GAP_POINTER_OK,
836 'w', 0, 0, '*', 'L',
837 NULL, NULL
838 },
839 { "strftime", NULL, time_char_table, "_-0^#", "EO",
840 strftime_flag_specs, strftime_flag_pairs,
841 FMT_FLAG_FANCY_PERCENT_OK, 'w', 0, 0, 0, 0,
842 NULL, NULL
843 },
844 { "strfmon", strfmon_length_specs, monetary_char_table, "=^+(!-", NULL,
845 strfmon_flag_specs, strfmon_flag_pairs,
846 FMT_FLAG_ARG_CONVERT, 'w', '#', 'p', 0, 'L',
847 NULL, NULL
848 }
849 };
850
851
852 /* Structure detailing the results of checking a format function call
853 where the format expression may be a conditional expression with
854 many leaves resulting from nested conditional expressions. */
855 typedef struct
856 {
857 /* Number of leaves of the format argument that could not be checked
858 as they were not string literals. */
859 int number_non_literal;
860 /* Number of leaves of the format argument that were null pointers or
861 string literals, but had extra format arguments. */
862 int number_extra_args;
863 /* Number of leaves of the format argument that were null pointers or
864 string literals, but had extra format arguments and used $ operand
865 numbers. */
866 int number_dollar_extra_args;
867 /* Number of leaves of the format argument that were wide string
868 literals. */
869 int number_wide;
870 /* Number of leaves of the format argument that were empty strings. */
871 int number_empty;
872 /* Number of leaves of the format argument that were unterminated
873 strings. */
874 int number_unterminated;
875 /* Number of leaves of the format argument that were not counted above. */
876 int number_other;
877 } format_check_results;
878
879 typedef struct
880 {
881 format_check_results *res;
882 function_format_info *info;
883 tree params;
884 int *status;
885 } format_check_context;
886
887 static void check_format_info PARAMS ((int *, function_format_info *, tree));
888 static void check_format_arg PARAMS ((void *, tree, unsigned HOST_WIDE_INT));
889 static void check_format_info_main PARAMS ((int *, format_check_results *,
890 function_format_info *,
891 const char *, int, tree,
892 unsigned HOST_WIDE_INT));
893 static void status_warning PARAMS ((int *, const char *, ...))
894 ATTRIBUTE_PRINTF_2;
895
896 static void init_dollar_format_checking PARAMS ((int, tree));
897 static int maybe_read_dollar_number PARAMS ((int *, const char **, int,
898 tree, tree *,
899 const format_kind_info *));
900 static void finish_dollar_format_checking PARAMS ((int *, format_check_results *, int));
901
902 static const format_flag_spec *get_flag_spec PARAMS ((const format_flag_spec *,
903 int, const char *));
904
905 static void check_format_types PARAMS ((int *, format_wanted_type *));
906
907 /* Decode a format type from a string, returning the type, or
908 format_type_error if not valid, in which case the caller should print an
909 error message. */
910 static enum format_type
911 decode_format_type (s)
912 const char *s;
913 {
914 int i;
915 int slen;
916 slen = strlen (s);
917 for (i = 0; i < (int) format_type_error; i++)
918 {
919 int alen;
920 if (!strcmp (s, format_types[i].name))
921 break;
922 alen = strlen (format_types[i].name);
923 if (slen == alen + 4 && s[0] == '_' && s[1] == '_'
924 && s[slen - 1] == '_' && s[slen - 2] == '_'
925 && !strncmp (s + 2, format_types[i].name, alen))
926 break;
927 }
928 return ((enum format_type) i);
929 }
930
931 \f
932 /* Check the argument list of a call to printf, scanf, etc.
933 ATTRS are the attributes on the function type.
934 PARAMS is the list of argument values. Also, if -Wmissing-format-attribute,
935 warn for calls to vprintf or vscanf in functions with no such format
936 attribute themselves. */
937
938 void
939 check_function_format (status, attrs, params)
940 int *status;
941 tree attrs;
942 tree params;
943 {
944 tree a;
945
946 /* See if this function has any format attributes. */
947 for (a = attrs; a; a = TREE_CHAIN (a))
948 {
949 if (is_attribute_p ("format", TREE_PURPOSE (a)))
950 {
951 /* Yup; check it. */
952 function_format_info info;
953 decode_format_attr (TREE_VALUE (a), &info, 1);
954 check_format_info (status, &info, params);
955 if (warn_missing_format_attribute && info.first_arg_num == 0
956 && (format_types[info.format_type].flags
957 & (int) FMT_FLAG_ARG_CONVERT))
958 {
959 tree c;
960 for (c = TYPE_ATTRIBUTES (TREE_TYPE (current_function_decl));
961 c;
962 c = TREE_CHAIN (c))
963 if (is_attribute_p ("format", TREE_PURPOSE (c))
964 && (decode_format_type (IDENTIFIER_POINTER
965 (TREE_VALUE (TREE_VALUE (c))))
966 == info.format_type))
967 break;
968 if (c == NULL_TREE)
969 {
970 /* Check if the current function has a parameter to which
971 the format attribute could be attached; if not, it
972 can't be a candidate for a format attribute, despite
973 the vprintf-like or vscanf-like call. */
974 tree args;
975 for (args = DECL_ARGUMENTS (current_function_decl);
976 args != 0;
977 args = TREE_CHAIN (args))
978 {
979 if (TREE_CODE (TREE_TYPE (args)) == POINTER_TYPE
980 && (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (args)))
981 == char_type_node))
982 break;
983 }
984 if (args != 0)
985 warning ("function might be possible candidate for `%s' format attribute",
986 format_types[info.format_type].name);
987 }
988 }
989 }
990 }
991 }
992
993 /* This function replaces `warning' inside the printf format checking
994 functions. If the `status' parameter is non-NULL, then it is
995 dereferenced and set to 1 whenever a warning is caught. Otherwise
996 it warns as usual by replicating the innards of the warning
997 function from diagnostic.c. */
998 static void
999 status_warning (int *status, const char *msgid, ...)
1000 {
1001 diagnostic_info diagnostic ;
1002 va_list ap;
1003
1004 va_start (ap, msgid);
1005
1006 if (status)
1007 *status = 1;
1008 else
1009 {
1010 /* This duplicates the warning function behavior. */
1011 diagnostic_set_info (&diagnostic, _(msgid), &ap,
1012 input_filename, input_line, DK_WARNING);
1013 report_diagnostic (&diagnostic);
1014 }
1015
1016 va_end (ap);
1017 }
1018
1019 /* Variables used by the checking of $ operand number formats. */
1020 static char *dollar_arguments_used = NULL;
1021 static char *dollar_arguments_pointer_p = NULL;
1022 static int dollar_arguments_alloc = 0;
1023 static int dollar_arguments_count;
1024 static int dollar_first_arg_num;
1025 static int dollar_max_arg_used;
1026 static int dollar_format_warned;
1027
1028 /* Initialize the checking for a format string that may contain $
1029 parameter number specifications; we will need to keep track of whether
1030 each parameter has been used. FIRST_ARG_NUM is the number of the first
1031 argument that is a parameter to the format, or 0 for a vprintf-style
1032 function; PARAMS is the list of arguments starting at this argument. */
1033
1034 static void
1035 init_dollar_format_checking (first_arg_num, params)
1036 int first_arg_num;
1037 tree params;
1038 {
1039 tree oparams = params;
1040
1041 dollar_first_arg_num = first_arg_num;
1042 dollar_arguments_count = 0;
1043 dollar_max_arg_used = 0;
1044 dollar_format_warned = 0;
1045 if (first_arg_num > 0)
1046 {
1047 while (params)
1048 {
1049 dollar_arguments_count++;
1050 params = TREE_CHAIN (params);
1051 }
1052 }
1053 if (dollar_arguments_alloc < dollar_arguments_count)
1054 {
1055 if (dollar_arguments_used)
1056 free (dollar_arguments_used);
1057 if (dollar_arguments_pointer_p)
1058 free (dollar_arguments_pointer_p);
1059 dollar_arguments_alloc = dollar_arguments_count;
1060 dollar_arguments_used = xmalloc (dollar_arguments_alloc);
1061 dollar_arguments_pointer_p = xmalloc (dollar_arguments_alloc);
1062 }
1063 if (dollar_arguments_alloc)
1064 {
1065 memset (dollar_arguments_used, 0, dollar_arguments_alloc);
1066 if (first_arg_num > 0)
1067 {
1068 int i = 0;
1069 params = oparams;
1070 while (params)
1071 {
1072 dollar_arguments_pointer_p[i] = (TREE_CODE (TREE_TYPE (TREE_VALUE (params)))
1073 == POINTER_TYPE);
1074 params = TREE_CHAIN (params);
1075 i++;
1076 }
1077 }
1078 }
1079 }
1080
1081
1082 /* Look for a decimal number followed by a $ in *FORMAT. If DOLLAR_NEEDED
1083 is set, it is an error if one is not found; otherwise, it is OK. If
1084 such a number is found, check whether it is within range and mark that
1085 numbered operand as being used for later checking. Returns the operand
1086 number if found and within range, zero if no such number was found and
1087 this is OK, or -1 on error. PARAMS points to the first operand of the
1088 format; PARAM_PTR is made to point to the parameter referred to. If
1089 a $ format is found, *FORMAT is updated to point just after it. */
1090
1091 static int
1092 maybe_read_dollar_number (status, format, dollar_needed, params, param_ptr,
1093 fki)
1094 int *status;
1095 const char **format;
1096 int dollar_needed;
1097 tree params;
1098 tree *param_ptr;
1099 const format_kind_info *fki;
1100 {
1101 int argnum;
1102 int overflow_flag;
1103 const char *fcp = *format;
1104 if (! ISDIGIT (*fcp))
1105 {
1106 if (dollar_needed)
1107 {
1108 status_warning (status, "missing $ operand number in format");
1109 return -1;
1110 }
1111 else
1112 return 0;
1113 }
1114 argnum = 0;
1115 overflow_flag = 0;
1116 while (ISDIGIT (*fcp))
1117 {
1118 int nargnum;
1119 nargnum = 10 * argnum + (*fcp - '0');
1120 if (nargnum < 0 || nargnum / 10 != argnum)
1121 overflow_flag = 1;
1122 argnum = nargnum;
1123 fcp++;
1124 }
1125 if (*fcp != '$')
1126 {
1127 if (dollar_needed)
1128 {
1129 status_warning (status, "missing $ operand number in format");
1130 return -1;
1131 }
1132 else
1133 return 0;
1134 }
1135 *format = fcp + 1;
1136 if (pedantic && !dollar_format_warned)
1137 {
1138 status_warning (status,
1139 "%s does not support %%n$ operand number formats",
1140 C_STD_NAME (STD_EXT));
1141 dollar_format_warned = 1;
1142 }
1143 if (overflow_flag || argnum == 0
1144 || (dollar_first_arg_num && argnum > dollar_arguments_count))
1145 {
1146 status_warning (status, "operand number out of range in format");
1147 return -1;
1148 }
1149 if (argnum > dollar_max_arg_used)
1150 dollar_max_arg_used = argnum;
1151 /* For vprintf-style functions we may need to allocate more memory to
1152 track which arguments are used. */
1153 while (dollar_arguments_alloc < dollar_max_arg_used)
1154 {
1155 int nalloc;
1156 nalloc = 2 * dollar_arguments_alloc + 16;
1157 dollar_arguments_used = xrealloc (dollar_arguments_used, nalloc);
1158 dollar_arguments_pointer_p = xrealloc (dollar_arguments_pointer_p,
1159 nalloc);
1160 memset (dollar_arguments_used + dollar_arguments_alloc, 0,
1161 nalloc - dollar_arguments_alloc);
1162 dollar_arguments_alloc = nalloc;
1163 }
1164 if (!(fki->flags & (int) FMT_FLAG_DOLLAR_MULTIPLE)
1165 && dollar_arguments_used[argnum - 1] == 1)
1166 {
1167 dollar_arguments_used[argnum - 1] = 2;
1168 status_warning (status,
1169 "format argument %d used more than once in %s format",
1170 argnum, fki->name);
1171 }
1172 else
1173 dollar_arguments_used[argnum - 1] = 1;
1174 if (dollar_first_arg_num)
1175 {
1176 int i;
1177 *param_ptr = params;
1178 for (i = 1; i < argnum && *param_ptr != 0; i++)
1179 *param_ptr = TREE_CHAIN (*param_ptr);
1180
1181 if (*param_ptr == 0)
1182 {
1183 /* This case shouldn't be caught here. */
1184 abort ();
1185 }
1186 }
1187 else
1188 *param_ptr = 0;
1189 return argnum;
1190 }
1191
1192
1193 /* Finish the checking for a format string that used $ operand number formats
1194 instead of non-$ formats. We check for unused operands before used ones
1195 (a serious error, since the implementation of the format function
1196 can't know what types to pass to va_arg to find the later arguments).
1197 and for unused operands at the end of the format (if we know how many
1198 arguments the format had, so not for vprintf). If there were operand
1199 numbers out of range on a non-vprintf-style format, we won't have reached
1200 here. If POINTER_GAP_OK, unused arguments are OK if all arguments are
1201 pointers. */
1202
1203 static void
1204 finish_dollar_format_checking (status, res, pointer_gap_ok)
1205 int *status;
1206 format_check_results *res;
1207 int pointer_gap_ok;
1208 {
1209 int i;
1210 bool found_pointer_gap = false;
1211 for (i = 0; i < dollar_max_arg_used; i++)
1212 {
1213 if (!dollar_arguments_used[i])
1214 {
1215 if (pointer_gap_ok && (dollar_first_arg_num == 0
1216 || dollar_arguments_pointer_p[i]))
1217 found_pointer_gap = true;
1218 else
1219 status_warning (status, "format argument %d unused before used argument %d in $-style format",
1220 i + 1, dollar_max_arg_used);
1221 }
1222 }
1223 if (found_pointer_gap
1224 || (dollar_first_arg_num
1225 && dollar_max_arg_used < dollar_arguments_count))
1226 {
1227 res->number_other--;
1228 res->number_dollar_extra_args++;
1229 }
1230 }
1231
1232
1233 /* Retrieve the specification for a format flag. SPEC contains the
1234 specifications for format flags for the applicable kind of format.
1235 FLAG is the flag in question. If PREDICATES is NULL, the basic
1236 spec for that flag must be retrieved and this function aborts if
1237 it cannot be found. If PREDICATES is not NULL, it is a string listing
1238 possible predicates for the spec entry; if an entry predicated on any
1239 of these is found, it is returned, otherwise NULL is returned. */
1240
1241 static const format_flag_spec *
1242 get_flag_spec (spec, flag, predicates)
1243 const format_flag_spec *spec;
1244 int flag;
1245 const char *predicates;
1246 {
1247 int i;
1248 for (i = 0; spec[i].flag_char != 0; i++)
1249 {
1250 if (spec[i].flag_char != flag)
1251 continue;
1252 if (predicates != NULL)
1253 {
1254 if (spec[i].predicate != 0
1255 && strchr (predicates, spec[i].predicate) != 0)
1256 return &spec[i];
1257 }
1258 else if (spec[i].predicate == 0)
1259 return &spec[i];
1260 }
1261 if (predicates == NULL)
1262 abort ();
1263 else
1264 return NULL;
1265 }
1266
1267
1268 /* Check the argument list of a call to printf, scanf, etc.
1269 INFO points to the function_format_info structure.
1270 PARAMS is the list of argument values. */
1271
1272 static void
1273 check_format_info (status, info, params)
1274 int *status;
1275 function_format_info *info;
1276 tree params;
1277 {
1278 format_check_context format_ctx;
1279 unsigned HOST_WIDE_INT arg_num;
1280 tree format_tree;
1281 format_check_results res;
1282 /* Skip to format argument. If the argument isn't available, there's
1283 no work for us to do; prototype checking will catch the problem. */
1284 for (arg_num = 1; ; ++arg_num)
1285 {
1286 if (params == 0)
1287 return;
1288 if (arg_num == info->format_num)
1289 break;
1290 params = TREE_CHAIN (params);
1291 }
1292 format_tree = TREE_VALUE (params);
1293 params = TREE_CHAIN (params);
1294 if (format_tree == 0)
1295 return;
1296
1297 res.number_non_literal = 0;
1298 res.number_extra_args = 0;
1299 res.number_dollar_extra_args = 0;
1300 res.number_wide = 0;
1301 res.number_empty = 0;
1302 res.number_unterminated = 0;
1303 res.number_other = 0;
1304
1305 format_ctx.res = &res;
1306 format_ctx.info = info;
1307 format_ctx.params = params;
1308 format_ctx.status = status;
1309
1310 check_function_arguments_recurse (check_format_arg, &format_ctx,
1311 format_tree, arg_num);
1312
1313 if (res.number_non_literal > 0)
1314 {
1315 /* Functions taking a va_list normally pass a non-literal format
1316 string. These functions typically are declared with
1317 first_arg_num == 0, so avoid warning in those cases. */
1318 if (!(format_types[info->format_type].flags & (int) FMT_FLAG_ARG_CONVERT))
1319 {
1320 /* For strftime-like formats, warn for not checking the format
1321 string; but there are no arguments to check. */
1322 if (warn_format_nonliteral)
1323 status_warning (status, "format not a string literal, format string not checked");
1324 }
1325 else if (info->first_arg_num != 0)
1326 {
1327 /* If there are no arguments for the format at all, we may have
1328 printf (foo) which is likely to be a security hole. */
1329 while (arg_num + 1 < info->first_arg_num)
1330 {
1331 if (params == 0)
1332 break;
1333 params = TREE_CHAIN (params);
1334 ++arg_num;
1335 }
1336 if (params == 0 && (warn_format_nonliteral || warn_format_security))
1337 status_warning (status, "format not a string literal and no format arguments");
1338 else if (warn_format_nonliteral)
1339 status_warning (status, "format not a string literal, argument types not checked");
1340 }
1341 }
1342
1343 /* If there were extra arguments to the format, normally warn. However,
1344 the standard does say extra arguments are ignored, so in the specific
1345 case where we have multiple leaves (conditional expressions or
1346 ngettext) allow extra arguments if at least one leaf didn't have extra
1347 arguments, but was otherwise OK (either non-literal or checked OK).
1348 If the format is an empty string, this should be counted similarly to the
1349 case of extra format arguments. */
1350 if (res.number_extra_args > 0 && res.number_non_literal == 0
1351 && res.number_other == 0 && warn_format_extra_args)
1352 status_warning (status, "too many arguments for format");
1353 if (res.number_dollar_extra_args > 0 && res.number_non_literal == 0
1354 && res.number_other == 0 && warn_format_extra_args)
1355 status_warning (status, "unused arguments in $-style format");
1356 if (res.number_empty > 0 && res.number_non_literal == 0
1357 && res.number_other == 0 && warn_format_zero_length)
1358 status_warning (status, "zero-length %s format string",
1359 format_types[info->format_type].name);
1360
1361 if (res.number_wide > 0)
1362 status_warning (status, "format is a wide character string");
1363
1364 if (res.number_unterminated > 0)
1365 status_warning (status, "unterminated format string");
1366 }
1367
1368 /* Callback from check_function_arguments_recurse to check a
1369 format string. FORMAT_TREE is the format parameter. ARG_NUM
1370 is the number of the format argument. CTX points to a
1371 format_check_context. */
1372
1373 static void
1374 check_format_arg (ctx, format_tree, arg_num)
1375 void *ctx;
1376 tree format_tree;
1377 unsigned HOST_WIDE_INT arg_num;
1378 {
1379 format_check_context *format_ctx = ctx;
1380 format_check_results *res = format_ctx->res;
1381 function_format_info *info = format_ctx->info;
1382 tree params = format_ctx->params;
1383 int *status = format_ctx->status;
1384
1385 int format_length;
1386 HOST_WIDE_INT offset;
1387 const char *format_chars;
1388 tree array_size = 0;
1389 tree array_init;
1390
1391 if (integer_zerop (format_tree))
1392 {
1393 /* Skip to first argument to check, so we can see if this format
1394 has any arguments (it shouldn't). */
1395 while (arg_num + 1 < info->first_arg_num)
1396 {
1397 if (params == 0)
1398 return;
1399 params = TREE_CHAIN (params);
1400 ++arg_num;
1401 }
1402
1403 if (params == 0)
1404 res->number_other++;
1405 else
1406 res->number_extra_args++;
1407
1408 return;
1409 }
1410
1411 offset = 0;
1412 if (TREE_CODE (format_tree) == PLUS_EXPR)
1413 {
1414 tree arg0, arg1;
1415
1416 arg0 = TREE_OPERAND (format_tree, 0);
1417 arg1 = TREE_OPERAND (format_tree, 1);
1418 STRIP_NOPS (arg0);
1419 STRIP_NOPS (arg1);
1420 if (TREE_CODE (arg1) == INTEGER_CST)
1421 format_tree = arg0;
1422 else if (TREE_CODE (arg0) == INTEGER_CST)
1423 {
1424 format_tree = arg1;
1425 arg1 = arg0;
1426 }
1427 else
1428 {
1429 res->number_non_literal++;
1430 return;
1431 }
1432 if (!host_integerp (arg1, 0)
1433 || (offset = tree_low_cst (arg1, 0)) < 0)
1434 {
1435 res->number_non_literal++;
1436 return;
1437 }
1438 }
1439 if (TREE_CODE (format_tree) != ADDR_EXPR)
1440 {
1441 res->number_non_literal++;
1442 return;
1443 }
1444 format_tree = TREE_OPERAND (format_tree, 0);
1445 if (TREE_CODE (format_tree) == VAR_DECL
1446 && TREE_CODE (TREE_TYPE (format_tree)) == ARRAY_TYPE
1447 && (array_init = decl_constant_value (format_tree)) != format_tree
1448 && TREE_CODE (array_init) == STRING_CST)
1449 {
1450 /* Extract the string constant initializer. Note that this may include
1451 a trailing NUL character that is not in the array (e.g.
1452 const char a[3] = "foo";). */
1453 array_size = DECL_SIZE_UNIT (format_tree);
1454 format_tree = array_init;
1455 }
1456 if (TREE_CODE (format_tree) != STRING_CST)
1457 {
1458 res->number_non_literal++;
1459 return;
1460 }
1461 if (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (format_tree))) != char_type_node)
1462 {
1463 res->number_wide++;
1464 return;
1465 }
1466 format_chars = TREE_STRING_POINTER (format_tree);
1467 format_length = TREE_STRING_LENGTH (format_tree);
1468 if (array_size != 0)
1469 {
1470 /* Variable length arrays can't be initialized. */
1471 if (TREE_CODE (array_size) != INTEGER_CST)
1472 abort ();
1473 if (host_integerp (array_size, 0))
1474 {
1475 HOST_WIDE_INT array_size_value = TREE_INT_CST_LOW (array_size);
1476 if (array_size_value > 0
1477 && array_size_value == (int) array_size_value
1478 && format_length > array_size_value)
1479 format_length = array_size_value;
1480 }
1481 }
1482 if (offset)
1483 {
1484 if (offset >= format_length)
1485 {
1486 res->number_non_literal++;
1487 return;
1488 }
1489 format_chars += offset;
1490 format_length -= offset;
1491 }
1492 if (format_length < 1)
1493 {
1494 res->number_unterminated++;
1495 return;
1496 }
1497 if (format_length == 1)
1498 {
1499 res->number_empty++;
1500 return;
1501 }
1502 if (format_chars[--format_length] != 0)
1503 {
1504 res->number_unterminated++;
1505 return;
1506 }
1507
1508 /* Skip to first argument to check. */
1509 while (arg_num + 1 < info->first_arg_num)
1510 {
1511 if (params == 0)
1512 return;
1513 params = TREE_CHAIN (params);
1514 ++arg_num;
1515 }
1516 /* Provisionally increment res->number_other; check_format_info_main
1517 will decrement it if it finds there are extra arguments, but this way
1518 need not adjust it for every return. */
1519 res->number_other++;
1520 check_format_info_main (status, res, info, format_chars, format_length,
1521 params, arg_num);
1522 }
1523
1524
1525 /* Do the main part of checking a call to a format function. FORMAT_CHARS
1526 is the NUL-terminated format string (which at this point may contain
1527 internal NUL characters); FORMAT_LENGTH is its length (excluding the
1528 terminating NUL character). ARG_NUM is one less than the number of
1529 the first format argument to check; PARAMS points to that format
1530 argument in the list of arguments. */
1531
1532 static void
1533 check_format_info_main (status, res, info, format_chars, format_length,
1534 params, arg_num)
1535 int *status;
1536 format_check_results *res;
1537 function_format_info *info;
1538 const char *format_chars;
1539 int format_length;
1540 tree params;
1541 unsigned HOST_WIDE_INT arg_num;
1542 {
1543 const char *orig_format_chars = format_chars;
1544 tree first_fillin_param = params;
1545
1546 const format_kind_info *fki = &format_types[info->format_type];
1547 const format_flag_spec *flag_specs = fki->flag_specs;
1548 const format_flag_pair *bad_flag_pairs = fki->bad_flag_pairs;
1549
1550 /* -1 if no conversions taking an operand have been found; 0 if one has
1551 and it didn't use $; 1 if $ formats are in use. */
1552 int has_operand_number = -1;
1553
1554 init_dollar_format_checking (info->first_arg_num, first_fillin_param);
1555
1556 while (1)
1557 {
1558 int i;
1559 int suppressed = FALSE;
1560 const char *length_chars = NULL;
1561 enum format_lengths length_chars_val = FMT_LEN_none;
1562 enum format_std_version length_chars_std = STD_C89;
1563 int format_char;
1564 tree cur_param;
1565 tree wanted_type;
1566 int main_arg_num = 0;
1567 tree main_arg_params = 0;
1568 enum format_std_version wanted_type_std;
1569 const char *wanted_type_name;
1570 format_wanted_type width_wanted_type;
1571 format_wanted_type precision_wanted_type;
1572 format_wanted_type main_wanted_type;
1573 format_wanted_type *first_wanted_type = NULL;
1574 format_wanted_type *last_wanted_type = NULL;
1575 const format_length_info *fli = NULL;
1576 const format_char_info *fci = NULL;
1577 char flag_chars[256];
1578 int aflag = 0;
1579 if (*format_chars == 0)
1580 {
1581 if (format_chars - orig_format_chars != format_length)
1582 status_warning (status, "embedded `\\0' in format");
1583 if (info->first_arg_num != 0 && params != 0
1584 && has_operand_number <= 0)
1585 {
1586 res->number_other--;
1587 res->number_extra_args++;
1588 }
1589 if (has_operand_number > 0)
1590 finish_dollar_format_checking (status, res, fki->flags & (int) FMT_FLAG_DOLLAR_GAP_POINTER_OK);
1591 return;
1592 }
1593 if (*format_chars++ != '%')
1594 continue;
1595 if (*format_chars == 0)
1596 {
1597 status_warning (status, "spurious trailing `%%' in format");
1598 continue;
1599 }
1600 if (*format_chars == '%')
1601 {
1602 ++format_chars;
1603 continue;
1604 }
1605 flag_chars[0] = 0;
1606
1607 if ((fki->flags & (int) FMT_FLAG_USE_DOLLAR) && has_operand_number != 0)
1608 {
1609 /* Possibly read a $ operand number at the start of the format.
1610 If one was previously used, one is required here. If one
1611 is not used here, we can't immediately conclude this is a
1612 format without them, since it could be printf %m or scanf %*. */
1613 int opnum;
1614 opnum = maybe_read_dollar_number (status, &format_chars, 0,
1615 first_fillin_param,
1616 &main_arg_params, fki);
1617 if (opnum == -1)
1618 return;
1619 else if (opnum > 0)
1620 {
1621 has_operand_number = 1;
1622 main_arg_num = opnum + info->first_arg_num - 1;
1623 }
1624 }
1625
1626 /* Read any format flags, but do not yet validate them beyond removing
1627 duplicates, since in general validation depends on the rest of
1628 the format. */
1629 while (*format_chars != 0
1630 && strchr (fki->flag_chars, *format_chars) != 0)
1631 {
1632 const format_flag_spec *s = get_flag_spec (flag_specs,
1633 *format_chars, NULL);
1634 if (strchr (flag_chars, *format_chars) != 0)
1635 {
1636 status_warning (status, "repeated %s in format", _(s->name));
1637 }
1638 else
1639 {
1640 i = strlen (flag_chars);
1641 flag_chars[i++] = *format_chars;
1642 flag_chars[i] = 0;
1643 }
1644 if (s->skip_next_char)
1645 {
1646 ++format_chars;
1647 if (*format_chars == 0)
1648 {
1649 status_warning (status, "missing fill character at end of strfmon format");
1650 return;
1651 }
1652 }
1653 ++format_chars;
1654 }
1655
1656 /* Read any format width, possibly * or *m$. */
1657 if (fki->width_char != 0)
1658 {
1659 if (fki->width_type != NULL && *format_chars == '*')
1660 {
1661 i = strlen (flag_chars);
1662 flag_chars[i++] = fki->width_char;
1663 flag_chars[i] = 0;
1664 /* "...a field width...may be indicated by an asterisk.
1665 In this case, an int argument supplies the field width..." */
1666 ++format_chars;
1667 if (has_operand_number != 0)
1668 {
1669 int opnum;
1670 opnum = maybe_read_dollar_number (status, &format_chars,
1671 has_operand_number == 1,
1672 first_fillin_param,
1673 &params, fki);
1674 if (opnum == -1)
1675 return;
1676 else if (opnum > 0)
1677 {
1678 has_operand_number = 1;
1679 arg_num = opnum + info->first_arg_num - 1;
1680 }
1681 else
1682 has_operand_number = 0;
1683 }
1684 if (info->first_arg_num != 0)
1685 {
1686 if (params == 0)
1687 {
1688 status_warning (status, "too few arguments for format");
1689 return;
1690 }
1691 cur_param = TREE_VALUE (params);
1692 if (has_operand_number <= 0)
1693 {
1694 params = TREE_CHAIN (params);
1695 ++arg_num;
1696 }
1697 width_wanted_type.wanted_type = *fki->width_type;
1698 width_wanted_type.wanted_type_name = NULL;
1699 width_wanted_type.pointer_count = 0;
1700 width_wanted_type.char_lenient_flag = 0;
1701 width_wanted_type.writing_in_flag = 0;
1702 width_wanted_type.reading_from_flag = 0;
1703 width_wanted_type.name = _("field width");
1704 width_wanted_type.param = cur_param;
1705 width_wanted_type.arg_num = arg_num;
1706 width_wanted_type.next = NULL;
1707 if (last_wanted_type != 0)
1708 last_wanted_type->next = &width_wanted_type;
1709 if (first_wanted_type == 0)
1710 first_wanted_type = &width_wanted_type;
1711 last_wanted_type = &width_wanted_type;
1712 }
1713 }
1714 else
1715 {
1716 /* Possibly read a numeric width. If the width is zero,
1717 we complain if appropriate. */
1718 int non_zero_width_char = FALSE;
1719 int found_width = FALSE;
1720 while (ISDIGIT (*format_chars))
1721 {
1722 found_width = TRUE;
1723 if (*format_chars != '0')
1724 non_zero_width_char = TRUE;
1725 ++format_chars;
1726 }
1727 if (found_width && !non_zero_width_char &&
1728 (fki->flags & (int) FMT_FLAG_ZERO_WIDTH_BAD))
1729 status_warning (status, "zero width in %s format",
1730 fki->name);
1731 if (found_width)
1732 {
1733 i = strlen (flag_chars);
1734 flag_chars[i++] = fki->width_char;
1735 flag_chars[i] = 0;
1736 }
1737 }
1738 }
1739
1740 /* Read any format left precision (must be a number, not *). */
1741 if (fki->left_precision_char != 0 && *format_chars == '#')
1742 {
1743 ++format_chars;
1744 i = strlen (flag_chars);
1745 flag_chars[i++] = fki->left_precision_char;
1746 flag_chars[i] = 0;
1747 if (!ISDIGIT (*format_chars))
1748 status_warning (status, "empty left precision in %s format",
1749 fki->name);
1750 while (ISDIGIT (*format_chars))
1751 ++format_chars;
1752 }
1753
1754 /* Read any format precision, possibly * or *m$. */
1755 if (fki->precision_char != 0 && *format_chars == '.')
1756 {
1757 ++format_chars;
1758 i = strlen (flag_chars);
1759 flag_chars[i++] = fki->precision_char;
1760 flag_chars[i] = 0;
1761 if (fki->precision_type != NULL && *format_chars == '*')
1762 {
1763 /* "...a...precision...may be indicated by an asterisk.
1764 In this case, an int argument supplies the...precision." */
1765 ++format_chars;
1766 if (has_operand_number != 0)
1767 {
1768 int opnum;
1769 opnum = maybe_read_dollar_number (status, &format_chars,
1770 has_operand_number == 1,
1771 first_fillin_param,
1772 &params, fki);
1773 if (opnum == -1)
1774 return;
1775 else if (opnum > 0)
1776 {
1777 has_operand_number = 1;
1778 arg_num = opnum + info->first_arg_num - 1;
1779 }
1780 else
1781 has_operand_number = 0;
1782 }
1783 if (info->first_arg_num != 0)
1784 {
1785 if (params == 0)
1786 {
1787 status_warning (status, "too few arguments for format");
1788 return;
1789 }
1790 cur_param = TREE_VALUE (params);
1791 if (has_operand_number <= 0)
1792 {
1793 params = TREE_CHAIN (params);
1794 ++arg_num;
1795 }
1796 precision_wanted_type.wanted_type = *fki->precision_type;
1797 precision_wanted_type.wanted_type_name = NULL;
1798 precision_wanted_type.pointer_count = 0;
1799 precision_wanted_type.char_lenient_flag = 0;
1800 precision_wanted_type.writing_in_flag = 0;
1801 precision_wanted_type.reading_from_flag = 0;
1802 precision_wanted_type.name = _("field precision");
1803 precision_wanted_type.param = cur_param;
1804 precision_wanted_type.arg_num = arg_num;
1805 precision_wanted_type.next = NULL;
1806 if (last_wanted_type != 0)
1807 last_wanted_type->next = &precision_wanted_type;
1808 if (first_wanted_type == 0)
1809 first_wanted_type = &precision_wanted_type;
1810 last_wanted_type = &precision_wanted_type;
1811 }
1812 }
1813 else
1814 {
1815 if (!(fki->flags & (int) FMT_FLAG_EMPTY_PREC_OK)
1816 && !ISDIGIT (*format_chars))
1817 status_warning (status, "empty precision in %s format",
1818 fki->name);
1819 while (ISDIGIT (*format_chars))
1820 ++format_chars;
1821 }
1822 }
1823
1824 /* Read any length modifier, if this kind of format has them. */
1825 fli = fki->length_char_specs;
1826 length_chars = NULL;
1827 length_chars_val = FMT_LEN_none;
1828 length_chars_std = STD_C89;
1829 if (fli)
1830 {
1831 while (fli->name != 0 && fli->name[0] != *format_chars)
1832 fli++;
1833 if (fli->name != 0)
1834 {
1835 format_chars++;
1836 if (fli->double_name != 0 && fli->name[0] == *format_chars)
1837 {
1838 format_chars++;
1839 length_chars = fli->double_name;
1840 length_chars_val = fli->double_index;
1841 length_chars_std = fli->double_std;
1842 }
1843 else
1844 {
1845 length_chars = fli->name;
1846 length_chars_val = fli->index;
1847 length_chars_std = fli->std;
1848 }
1849 i = strlen (flag_chars);
1850 flag_chars[i++] = fki->length_code_char;
1851 flag_chars[i] = 0;
1852 }
1853 if (pedantic)
1854 {
1855 /* Warn if the length modifier is non-standard. */
1856 if (ADJ_STD (length_chars_std) > C_STD_VER)
1857 status_warning (status, "%s does not support the `%s' %s length modifier",
1858 C_STD_NAME (length_chars_std), length_chars,
1859 fki->name);
1860 }
1861 }
1862
1863 /* Read any modifier (strftime E/O). */
1864 if (fki->modifier_chars != NULL)
1865 {
1866 while (*format_chars != 0
1867 && strchr (fki->modifier_chars, *format_chars) != 0)
1868 {
1869 if (strchr (flag_chars, *format_chars) != 0)
1870 {
1871 const format_flag_spec *s = get_flag_spec (flag_specs,
1872 *format_chars, NULL);
1873 status_warning (status, "repeated %s in format", _(s->name));
1874 }
1875 else
1876 {
1877 i = strlen (flag_chars);
1878 flag_chars[i++] = *format_chars;
1879 flag_chars[i] = 0;
1880 }
1881 ++format_chars;
1882 }
1883 }
1884
1885 /* Handle the scanf allocation kludge. */
1886 if (fki->flags & (int) FMT_FLAG_SCANF_A_KLUDGE)
1887 {
1888 if (*format_chars == 'a' && !flag_isoc99)
1889 {
1890 if (format_chars[1] == 's' || format_chars[1] == 'S'
1891 || format_chars[1] == '[')
1892 {
1893 /* `a' is used as a flag. */
1894 i = strlen (flag_chars);
1895 flag_chars[i++] = 'a';
1896 flag_chars[i] = 0;
1897 format_chars++;
1898 }
1899 }
1900 }
1901
1902 format_char = *format_chars;
1903 if (format_char == 0
1904 || (!(fki->flags & (int) FMT_FLAG_FANCY_PERCENT_OK)
1905 && format_char == '%'))
1906 {
1907 status_warning (status, "conversion lacks type at end of format");
1908 continue;
1909 }
1910 format_chars++;
1911 fci = fki->conversion_specs;
1912 while (fci->format_chars != 0
1913 && strchr (fci->format_chars, format_char) == 0)
1914 ++fci;
1915 if (fci->format_chars == 0)
1916 {
1917 if (ISGRAPH(format_char))
1918 status_warning (status, "unknown conversion type character `%c' in format",
1919 format_char);
1920 else
1921 status_warning (status, "unknown conversion type character 0x%x in format",
1922 format_char);
1923 continue;
1924 }
1925 if (pedantic)
1926 {
1927 if (ADJ_STD (fci->std) > C_STD_VER)
1928 status_warning (status, "%s does not support the `%%%c' %s format",
1929 C_STD_NAME (fci->std), format_char, fki->name);
1930 }
1931
1932 /* Validate the individual flags used, removing any that are invalid. */
1933 {
1934 int d = 0;
1935 for (i = 0; flag_chars[i] != 0; i++)
1936 {
1937 const format_flag_spec *s = get_flag_spec (flag_specs,
1938 flag_chars[i], NULL);
1939 flag_chars[i - d] = flag_chars[i];
1940 if (flag_chars[i] == fki->length_code_char)
1941 continue;
1942 if (strchr (fci->flag_chars, flag_chars[i]) == 0)
1943 {
1944 status_warning (status, "%s used with `%%%c' %s format",
1945 _(s->name), format_char, fki->name);
1946 d++;
1947 continue;
1948 }
1949 if (pedantic)
1950 {
1951 const format_flag_spec *t;
1952 if (ADJ_STD (s->std) > C_STD_VER)
1953 status_warning (status, "%s does not support %s",
1954 C_STD_NAME (s->std), _(s->long_name));
1955 t = get_flag_spec (flag_specs, flag_chars[i], fci->flags2);
1956 if (t != NULL && ADJ_STD (t->std) > ADJ_STD (s->std))
1957 {
1958 const char *long_name = (t->long_name != NULL
1959 ? t->long_name
1960 : s->long_name);
1961 if (ADJ_STD (t->std) > C_STD_VER)
1962 status_warning (status, "%s does not support %s with the `%%%c' %s format",
1963 C_STD_NAME (t->std), _(long_name),
1964 format_char, fki->name);
1965 }
1966 }
1967 }
1968 flag_chars[i - d] = 0;
1969 }
1970
1971 if ((fki->flags & (int) FMT_FLAG_SCANF_A_KLUDGE)
1972 && strchr (flag_chars, 'a') != 0)
1973 aflag = 1;
1974
1975 if (fki->suppression_char
1976 && strchr (flag_chars, fki->suppression_char) != 0)
1977 suppressed = 1;
1978
1979 /* Validate the pairs of flags used. */
1980 for (i = 0; bad_flag_pairs[i].flag_char1 != 0; i++)
1981 {
1982 const format_flag_spec *s, *t;
1983 if (strchr (flag_chars, bad_flag_pairs[i].flag_char1) == 0)
1984 continue;
1985 if (strchr (flag_chars, bad_flag_pairs[i].flag_char2) == 0)
1986 continue;
1987 if (bad_flag_pairs[i].predicate != 0
1988 && strchr (fci->flags2, bad_flag_pairs[i].predicate) == 0)
1989 continue;
1990 s = get_flag_spec (flag_specs, bad_flag_pairs[i].flag_char1, NULL);
1991 t = get_flag_spec (flag_specs, bad_flag_pairs[i].flag_char2, NULL);
1992 if (bad_flag_pairs[i].ignored)
1993 {
1994 if (bad_flag_pairs[i].predicate != 0)
1995 status_warning (status, "%s ignored with %s and `%%%c' %s format",
1996 _(s->name), _(t->name), format_char,
1997 fki->name);
1998 else
1999 status_warning (status, "%s ignored with %s in %s format",
2000 _(s->name), _(t->name), fki->name);
2001 }
2002 else
2003 {
2004 if (bad_flag_pairs[i].predicate != 0)
2005 status_warning (status, "use of %s and %s together with `%%%c' %s format",
2006 _(s->name), _(t->name), format_char,
2007 fki->name);
2008 else
2009 status_warning (status, "use of %s and %s together in %s format",
2010 _(s->name), _(t->name), fki->name);
2011 }
2012 }
2013
2014 /* Give Y2K warnings. */
2015 if (warn_format_y2k)
2016 {
2017 int y2k_level = 0;
2018 if (strchr (fci->flags2, '4') != 0)
2019 if (strchr (flag_chars, 'E') != 0)
2020 y2k_level = 3;
2021 else
2022 y2k_level = 2;
2023 else if (strchr (fci->flags2, '3') != 0)
2024 y2k_level = 3;
2025 else if (strchr (fci->flags2, '2') != 0)
2026 y2k_level = 2;
2027 if (y2k_level == 3)
2028 status_warning (status, "`%%%c' yields only last 2 digits of year in some locales",
2029 format_char);
2030 else if (y2k_level == 2)
2031 status_warning (status, "`%%%c' yields only last 2 digits of year", format_char);
2032 }
2033
2034 if (strchr (fci->flags2, '[') != 0)
2035 {
2036 /* Skip over scan set, in case it happens to have '%' in it. */
2037 if (*format_chars == '^')
2038 ++format_chars;
2039 /* Find closing bracket; if one is hit immediately, then
2040 it's part of the scan set rather than a terminator. */
2041 if (*format_chars == ']')
2042 ++format_chars;
2043 while (*format_chars && *format_chars != ']')
2044 ++format_chars;
2045 if (*format_chars != ']')
2046 /* The end of the format string was reached. */
2047 status_warning (status, "no closing `]' for `%%[' format");
2048 }
2049
2050 wanted_type = 0;
2051 wanted_type_name = 0;
2052 if (fki->flags & (int) FMT_FLAG_ARG_CONVERT)
2053 {
2054 wanted_type = (fci->types[length_chars_val].type
2055 ? *fci->types[length_chars_val].type : 0);
2056 wanted_type_name = fci->types[length_chars_val].name;
2057 wanted_type_std = fci->types[length_chars_val].std;
2058 if (wanted_type == 0)
2059 {
2060 status_warning (status, "use of `%s' length modifier with `%c' type character",
2061 length_chars, format_char);
2062 /* Heuristic: skip one argument when an invalid length/type
2063 combination is encountered. */
2064 arg_num++;
2065 if (params == 0)
2066 {
2067 status_warning (status, "too few arguments for format");
2068 return;
2069 }
2070 params = TREE_CHAIN (params);
2071 continue;
2072 }
2073 else if (pedantic
2074 /* Warn if non-standard, provided it is more non-standard
2075 than the length and type characters that may already
2076 have been warned for. */
2077 && ADJ_STD (wanted_type_std) > ADJ_STD (length_chars_std)
2078 && ADJ_STD (wanted_type_std) > ADJ_STD (fci->std))
2079 {
2080 if (ADJ_STD (wanted_type_std) > C_STD_VER)
2081 status_warning (status, "%s does not support the `%%%s%c' %s format",
2082 C_STD_NAME (wanted_type_std), length_chars,
2083 format_char, fki->name);
2084 }
2085 }
2086
2087 /* Finally. . .check type of argument against desired type! */
2088 if (info->first_arg_num == 0)
2089 continue;
2090 if ((fci->pointer_count == 0 && wanted_type == void_type_node)
2091 || suppressed)
2092 {
2093 if (main_arg_num != 0)
2094 {
2095 if (suppressed)
2096 status_warning (status, "operand number specified with suppressed assignment");
2097 else
2098 status_warning (status, "operand number specified for format taking no argument");
2099 }
2100 }
2101 else
2102 {
2103 if (main_arg_num != 0)
2104 {
2105 arg_num = main_arg_num;
2106 params = main_arg_params;
2107 }
2108 else
2109 {
2110 ++arg_num;
2111 if (has_operand_number > 0)
2112 {
2113 status_warning (status, "missing $ operand number in format");
2114 return;
2115 }
2116 else
2117 has_operand_number = 0;
2118 if (params == 0)
2119 {
2120 status_warning (status, "too few arguments for format");
2121 return;
2122 }
2123 }
2124 cur_param = TREE_VALUE (params);
2125 params = TREE_CHAIN (params);
2126 main_wanted_type.wanted_type = wanted_type;
2127 main_wanted_type.wanted_type_name = wanted_type_name;
2128 main_wanted_type.pointer_count = fci->pointer_count + aflag;
2129 main_wanted_type.char_lenient_flag = 0;
2130 if (strchr (fci->flags2, 'c') != 0)
2131 main_wanted_type.char_lenient_flag = 1;
2132 main_wanted_type.writing_in_flag = 0;
2133 main_wanted_type.reading_from_flag = 0;
2134 if (aflag)
2135 main_wanted_type.writing_in_flag = 1;
2136 else
2137 {
2138 if (strchr (fci->flags2, 'W') != 0)
2139 main_wanted_type.writing_in_flag = 1;
2140 if (strchr (fci->flags2, 'R') != 0)
2141 main_wanted_type.reading_from_flag = 1;
2142 }
2143 main_wanted_type.name = NULL;
2144 main_wanted_type.param = cur_param;
2145 main_wanted_type.arg_num = arg_num;
2146 main_wanted_type.next = NULL;
2147 if (last_wanted_type != 0)
2148 last_wanted_type->next = &main_wanted_type;
2149 if (first_wanted_type == 0)
2150 first_wanted_type = &main_wanted_type;
2151 last_wanted_type = &main_wanted_type;
2152 }
2153
2154 if (first_wanted_type != 0)
2155 check_format_types (status, first_wanted_type);
2156
2157 }
2158 }
2159
2160
2161 /* Check the argument types from a single format conversion (possibly
2162 including width and precision arguments). */
2163 static void
2164 check_format_types (status, types)
2165 int *status;
2166 format_wanted_type *types;
2167 {
2168 for (; types != 0; types = types->next)
2169 {
2170 tree cur_param;
2171 tree cur_type;
2172 tree orig_cur_type;
2173 tree wanted_type;
2174 int arg_num;
2175 int i;
2176 int char_type_flag;
2177 cur_param = types->param;
2178 cur_type = TREE_TYPE (cur_param);
2179 if (cur_type == error_mark_node)
2180 continue;
2181 char_type_flag = 0;
2182 wanted_type = types->wanted_type;
2183 arg_num = types->arg_num;
2184
2185 /* The following should not occur here. */
2186 if (wanted_type == 0)
2187 abort ();
2188 if (wanted_type == void_type_node && types->pointer_count == 0)
2189 abort ();
2190
2191 if (types->pointer_count == 0)
2192 wanted_type = (*lang_hooks.types.type_promotes_to) (wanted_type);
2193
2194 STRIP_NOPS (cur_param);
2195
2196 /* Check the types of any additional pointer arguments
2197 that precede the "real" argument. */
2198 for (i = 0; i < types->pointer_count; ++i)
2199 {
2200 if (TREE_CODE (cur_type) == POINTER_TYPE)
2201 {
2202 cur_type = TREE_TYPE (cur_type);
2203 if (cur_type == error_mark_node)
2204 break;
2205
2206 /* Check for writing through a NULL pointer. */
2207 if (types->writing_in_flag
2208 && i == 0
2209 && cur_param != 0
2210 && integer_zerop (cur_param))
2211 status_warning (status,
2212 "writing through null pointer (arg %d)",
2213 arg_num);
2214
2215 /* Check for reading through a NULL pointer. */
2216 if (types->reading_from_flag
2217 && i == 0
2218 && cur_param != 0
2219 && integer_zerop (cur_param))
2220 status_warning (status,
2221 "reading through null pointer (arg %d)",
2222 arg_num);
2223
2224 if (cur_param != 0 && TREE_CODE (cur_param) == ADDR_EXPR)
2225 cur_param = TREE_OPERAND (cur_param, 0);
2226 else
2227 cur_param = 0;
2228
2229 /* See if this is an attempt to write into a const type with
2230 scanf or with printf "%n". Note: the writing in happens
2231 at the first indirection only, if for example
2232 void * const * is passed to scanf %p; passing
2233 const void ** is simply passing an incompatible type. */
2234 if (types->writing_in_flag
2235 && i == 0
2236 && (TYPE_READONLY (cur_type)
2237 || (cur_param != 0
2238 && (TREE_CODE_CLASS (TREE_CODE (cur_param)) == 'c'
2239 || (DECL_P (cur_param)
2240 && TREE_READONLY (cur_param))))))
2241 status_warning (status, "writing into constant object (arg %d)", arg_num);
2242
2243 /* If there are extra type qualifiers beyond the first
2244 indirection, then this makes the types technically
2245 incompatible. */
2246 if (i > 0
2247 && pedantic
2248 && (TYPE_READONLY (cur_type)
2249 || TYPE_VOLATILE (cur_type)
2250 || TYPE_RESTRICT (cur_type)))
2251 status_warning (status, "extra type qualifiers in format argument (arg %d)",
2252 arg_num);
2253
2254 }
2255 else
2256 {
2257 if (types->pointer_count == 1)
2258 status_warning (status, "format argument is not a pointer (arg %d)", arg_num);
2259 else
2260 status_warning (status, "format argument is not a pointer to a pointer (arg %d)", arg_num);
2261 break;
2262 }
2263 }
2264
2265 if (i < types->pointer_count)
2266 continue;
2267
2268 orig_cur_type = cur_type;
2269 cur_type = TYPE_MAIN_VARIANT (cur_type);
2270
2271 /* Check whether the argument type is a character type. This leniency
2272 only applies to certain formats, flagged with 'c'.
2273 */
2274 if (types->char_lenient_flag)
2275 char_type_flag = (cur_type == char_type_node
2276 || cur_type == signed_char_type_node
2277 || cur_type == unsigned_char_type_node);
2278
2279 /* Check the type of the "real" argument, if there's a type we want. */
2280 if (wanted_type == cur_type)
2281 continue;
2282 /* If we want `void *', allow any pointer type.
2283 (Anything else would already have got a warning.)
2284 With -pedantic, only allow pointers to void and to character
2285 types. */
2286 if (wanted_type == void_type_node
2287 && (!pedantic || (i == 1 && char_type_flag)))
2288 continue;
2289 /* Don't warn about differences merely in signedness, unless
2290 -pedantic. With -pedantic, warn if the type is a pointer
2291 target and not a character type, and for character types at
2292 a second level of indirection. */
2293 if (TREE_CODE (wanted_type) == INTEGER_TYPE
2294 && TREE_CODE (cur_type) == INTEGER_TYPE
2295 && (! pedantic || i == 0 || (i == 1 && char_type_flag))
2296 && (TREE_UNSIGNED (wanted_type)
2297 ? wanted_type == c_common_unsigned_type (cur_type)
2298 : wanted_type == c_common_signed_type (cur_type)))
2299 continue;
2300 /* Likewise, "signed char", "unsigned char" and "char" are
2301 equivalent but the above test won't consider them equivalent. */
2302 if (wanted_type == char_type_node
2303 && (! pedantic || i < 2)
2304 && char_type_flag)
2305 continue;
2306 /* Now we have a type mismatch. */
2307 {
2308 const char *this;
2309 const char *that;
2310
2311 this = IDENTIFIER_POINTER (DECL_NAME (TYPE_NAME (wanted_type)));
2312 that = 0;
2313 if (TYPE_NAME (orig_cur_type) != 0
2314 && TREE_CODE (orig_cur_type) != INTEGER_TYPE
2315 && !(TREE_CODE (orig_cur_type) == POINTER_TYPE
2316 && TREE_CODE (TREE_TYPE (orig_cur_type)) == INTEGER_TYPE))
2317 {
2318 if (TREE_CODE (TYPE_NAME (orig_cur_type)) == TYPE_DECL
2319 && DECL_NAME (TYPE_NAME (orig_cur_type)) != 0)
2320 that = IDENTIFIER_POINTER (DECL_NAME (TYPE_NAME (orig_cur_type)));
2321 else
2322 that = IDENTIFIER_POINTER (TYPE_NAME (orig_cur_type));
2323 }
2324
2325 /* A nameless type can't possibly match what the format wants.
2326 So there will be a warning for it.
2327 Make up a string to describe vaguely what it is. */
2328 if (that == 0)
2329 {
2330 if (TREE_CODE (orig_cur_type) == POINTER_TYPE)
2331 that = _("pointer");
2332 else
2333 that = _("different type");
2334 }
2335
2336 /* Make the warning better in case of mismatch of int vs long. */
2337 if (TREE_CODE (orig_cur_type) == INTEGER_TYPE
2338 && TREE_CODE (wanted_type) == INTEGER_TYPE
2339 && TYPE_PRECISION (orig_cur_type) == TYPE_PRECISION (wanted_type)
2340 && TYPE_NAME (orig_cur_type) != 0
2341 && TREE_CODE (TYPE_NAME (orig_cur_type)) == TYPE_DECL)
2342 that = IDENTIFIER_POINTER (DECL_NAME (TYPE_NAME (orig_cur_type)));
2343
2344 if (strcmp (this, that) != 0)
2345 {
2346 /* There may be a better name for the format, e.g. size_t,
2347 but we should allow for programs with a perverse typedef
2348 making size_t something other than what the compiler
2349 thinks. */
2350 if (types->wanted_type_name != 0
2351 && strcmp (types->wanted_type_name, that) != 0)
2352 this = types->wanted_type_name;
2353 if (types->name != 0)
2354 status_warning (status, "%s is not type %s (arg %d)", types->name, this,
2355 arg_num);
2356 else
2357 status_warning (status, "%s format, %s arg (arg %d)", this, that, arg_num);
2358 }
2359 }
2360 }
2361 }