format string checker does not employ simple constant propagation

[Quuxplusone]

Bugzilla Link	PR1870
Status	RESOLVED FIXED
Importance	P enhancement
Reported by	Ted Kremenek (kremenek@apple.com)
Reported on	2007-12-18 12:51:39 -0800
Last modified on	2009-02-26 18:02:38 -0800
Version	unspecified
Hardware	All All
CC	giles@ghostscript.com, kremenek@apple.com, llvm-bugs@lists.llvm.org
Fixed by commit(s)
Attachments
Blocks
Blocked by
See also

The following is a false positive (reported by Nico Weber) emitted by the
format string checker:

s0539:src nico$ cat test.c
#include "stdio.h"

int main() {
  char buf[1];
  sprintf(buf, 1 ? "" : "");
}
s0539:src nico$ ./clang test.c
running "/Users/nico/src/llvm-svn/Debug/bin/clang -fsyntax-only test.c"
test.c:5:16: warning: format string is not a string literal
(potentially insecure)
  sprintf(buf, 1 ? "" : "");
  ~~~~~~~      ^
1 diagnostic generated.

The false positive is a result of the checker not performing simple constant
propagation of the string literal.  Such expressions may be the result of macro
expansion, and thus should be handled in order to suppress spurious warnings on
correct code.

[Quuxplusone]

The new "Evaluate" logic may be able to do this.

[Quuxplusone]

_Bug 3218 has been marked as a duplicate of this bug._

[Quuxplusone]

This bug has been fixed for a while now. Closing.