Fossil

Diff

Differences From Artifact [db3f0df7d6]:

To Artifact [2cf1fc75f4]:


274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
  /* A string literal is safe for use with %s */
  if( is_string_lit(z) ) return 1;

  /* Certain functions are guaranteed to return a string that is safe
  ** for use with %s */
  z = next_non_whitespace(z, &len, &eType);
  for(i=0; i<sizeof(azSafeFunc)/sizeof(azSafeFunc[0]); i++){
    if( eType==TK_ID 
     && strncmp(z, azSafeFunc[i], len)==0
     && strlen(azSafeFunc[i])==len
    ){
      return 1;
    }
  }

  /* Expressions of the form:  EXPR ? "..." : "...." can count as
  ** a string literal. */
  if( is_string_expr(z) ) return 1;

  /* If the "safe-for-%s" comment appears in the argument, then
  ** let it through */
  if( strstr(z, "/*safe-for-%s*/")!=0 ) return 1;
    
  return 0;
}

/*
** Processing flags
*/
#define FMT_NO_S   0x00001     /* Do not allow %s substitutions */







|














|







274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
  /* A string literal is safe for use with %s */
  if( is_string_lit(z) ) return 1;

  /* Certain functions are guaranteed to return a string that is safe
  ** for use with %s */
  z = next_non_whitespace(z, &len, &eType);
  for(i=0; i<sizeof(azSafeFunc)/sizeof(azSafeFunc[0]); i++){
    if( eType==TK_ID
     && strncmp(z, azSafeFunc[i], len)==0
     && strlen(azSafeFunc[i])==len
    ){
      return 1;
    }
  }

  /* Expressions of the form:  EXPR ? "..." : "...." can count as
  ** a string literal. */
  if( is_string_expr(z) ) return 1;

  /* If the "safe-for-%s" comment appears in the argument, then
  ** let it through */
  if( strstr(z, "/*safe-for-%s*/")!=0 ) return 1;

  return 0;
}

/*
** Processing flags
*/
#define FMT_NO_S   0x00001     /* Do not allow %s substitutions */
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
    if( z[len]==0 ) break;
    z[len] = 0;
    for(i=len-1; i>0 && isspace(z[i]); i--){ z[i] = 0; }
    z += len + 1;
  }
  acType = (char*)&azArg[nArg];
  if( fmtArg>nArg ){
    printf("%s:%d: too few arguments to %.*s()\n", 
           zFilename, lnFCall, szFName, zFCall);
    nErr++;
  }else{
    const char *zFmt = azArg[fmtArg-1];
    const char *zOverride = strstr(zFmt, "/*works-like:");
    if( zOverride ) zFmt = zOverride + sizeof("/*works-like:")-1;
    if( !is_string_lit(zFmt) ){







|







458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
    if( z[len]==0 ) break;
    z[len] = 0;
    for(i=len-1; i>0 && isspace(z[i]); i--){ z[i] = 0; }
    z += len + 1;
  }
  acType = (char*)&azArg[nArg];
  if( fmtArg>nArg ){
    printf("%s:%d: too few arguments to %.*s()\n",
           zFilename, lnFCall, szFName, zFCall);
    nErr++;
  }else{
    const char *zFmt = azArg[fmtArg-1];
    const char *zOverride = strstr(zFmt, "/*works-like:");
    if( zOverride ) zFmt = zOverride + sizeof("/*works-like:")-1;
    if( !is_string_lit(zFmt) ){
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
        nCurly++;
      }else if( z[0]=='}' ){
        nCurly--;
      }else if( nCurly>0 && z[0]=='(' && ePrev==TK_ID
            && (x = isFormatFunc(zPrev,szPrev,&fmtFlags))>0 ){
        nErr += checkFormatFunc(zName, zPrev, lnPrev, x, fmtFlags);
      }
    }    
    zPrev = z;
    ePrev = eToken;
    szPrev = szToken;
    lnPrev = ln;
  }
  return nErr;
}







|







535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
        nCurly++;
      }else if( z[0]=='}' ){
        nCurly--;
      }else if( nCurly>0 && z[0]=='(' && ePrev==TK_ID
            && (x = isFormatFunc(zPrev,szPrev,&fmtFlags))>0 ){
        nErr += checkFormatFunc(zName, zPrev, lnPrev, x, fmtFlags);
      }
    }
    zPrev = z;
    ePrev = eToken;
    szPrev = szToken;
    lnPrev = ln;
  }
  return nErr;
}