From 4bb9449e47a24e6bd0944304d83e18927f76a220 Mon Sep 17 00:00:00 2001 From: Přemysl Eric Janouch
Date: Fri, 16 Jun 2023 19:42:54 +0200 Subject: Fix the static analysis test Adjust its query so that it doesn't cause a particular false positive. --- test-static | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/test-static b/test-static index 85d7f4f..4b74e24 100755 --- a/test-static +++ b/test-static @@ -1,8 +1,16 @@ #!/bin/sh # We don't use printf's percent notation with our custom logging mechanism, -# so the compiler cannot check it for us like it usually does +# so the compiler cannot check it for us like it usually does. +# +# In clang-query terms, the string we're interested in can be found through: +# set traversal IgnoreUnlessSpelledInSource +# set output dump +# match callExpr(callee(functionDecl( +# hasName("log_full"))), +# hasArgument(5, stringLiteral().bind("format"))) +# However, the tool is too restricted to be useful in a shell script. perl -n0777 - "$(dirname "$0")"/xC.c <<-'END' - while (/\blog_[^ ]+\s*\([^"()]*"[^"]*%[^%][^"]*"/gm) { + while (/\blog_[^ ]+\s*\([^"()]*"[^"]*%\w[^"]*"/gm) { my ($p, $m) = ($`, $&); printf "$ARGV:%d: suspicious log format string: %s...\n", (1 + $p =~ tr/\n//), ($m =~ s/\s+/ /rg); -- cgit v1.2.3-70-g09d2