http://gcc.gnu.org/bugzilla/show_bug.cgi?id=50154
Bug #: 50154
Summary: attribute printf and scanf should imply attribute
nonnull
Classification: Unclassified
Product: gcc
Version: 4.6.1
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
AssignedTo: unassig...@gcc.gnu.org
ReportedBy: br...@clisp.org
Created attachment 25076
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=25076
test case
When a function is declared as taking a printf or scanf format string, gcc
gives a warning when a format string with invalid syntax is passed. It should
also give a warning when a NULL format string is passed.
How to reproduce:
Save the test case file as foo.c.
$ gcc -Wformat=2 -c foo.c
[no warning]
$ gcc -Wformat=2 -c foo.c -DDECLARE_NONNULL
foo.c: In function 'foo':
foo.c:10:3: warning: null argument where non-null required (argument 3)
[-Wnonnull]
Rationale:
1) ISO C 99 specifies that the printf and scanf format strings must be
"multibyte
character sequences"; that excludes NULL.
See ISO C 99 sections 7.19.6.1 paragraph 3 and 7.19.6.2 paragraph 3.
2) Passing NULL as first argument to printf crashes the program on FreeBSD,
Solaris, and other platforms.
