[clang] [-Wunsafe-buffer-usage] Fix crashes in "Add check for custom printf/scanf functions #173096" (PR #174683)

Ziqing Luo via cfe-commits Wed, 07 Jan 2026 13:13:33 -0800

================
@@ -2221,17 +2220,43 @@ class UnsafeFormatAttributedFunctionCallGadget : public 
WarningGadget {
         });
     const Expr *UnsafeArg;
 
-    if (AnyAttr && !IsPrintf &&
-        (CE->getNumArgs() >= static_cast<unsigned>(Attr->getFirstArg()))) {
-      // for scanf-like functions, any format argument is considered unsafe:
+    if (!AnyAttr)
+      return false;
+
+    // FormatAttribute indexes are 1-based:
+    unsigned FmtIdx = Attr->getFormatIdx() - 1;
+    std::optional<unsigned> FmtArgIdx = Attr->getFirstArg() - 1;
+
+    if (isa<CXXMemberCallExpr>(CE)) {
+      // For CXX member calls, attribute parameters are specified as if there 
is
----------------
ziqingluo-90 wrote:


done

https://github.com/llvm/llvm-project/pull/174683
_______________________________________________
cfe-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [-Wunsafe-buffer-usage] Fix crashes in "Add check for custom printf/scanf functions #173096" (PR #174683)

Reply via email to