Home Explore Help
Sign In
O3DE
/
DirectXShaderCompiler
mirror of https://github.com/o3de/DirectXShaderCompiler
2
0
Fork 0
Files Issues 0 Wiki
Tree: 283b71ca16
Branches Tags
DirectXShaderCo...
/
tools
/
clang
/
lib
/
Analysis
/
ScanfFormatString.cpp

ScanfFormatString.cpp 18 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553 
  1. //= ScanfFormatString.cpp - Analysis of printf format strings --*- C++ -*-===//
    2. 

  2. //
    3. 

  3. //                     The LLVM Compiler Infrastructure
    4. 

  4. //
    5. 

  5. // This file is distributed under the University of Illinois Open Source
    6. 

  6. // License. See LICENSE.TXT for details.
    7. 

  7. //
    8. 

  8. //===----------------------------------------------------------------------===//
    9. 

  9. //
    10. 

  10. // Handling of format string in scanf and friends.  The structure of format
    11. 

  11. // strings for fscanf() are described in C99 7.19.6.2.
    12. 

  12. //
    13. 

  13. //===----------------------------------------------------------------------===//
    14. 

  14. 

  15. #include "clang/Analysis/Analyses/FormatString.h"
    16. 

  16. #include "FormatStringParsing.h"
    17. 

  17. #include "clang/Basic/TargetInfo.h"
    18. 

  18. 

  19. using clang::analyze_format_string::ArgType;
    20. 

  20. using clang::analyze_format_string::FormatStringHandler;
    21. 

  21. using clang::analyze_format_string::LengthModifier;
    22. 

  22. using clang::analyze_format_string::OptionalAmount;
    23. 

  23. using clang::analyze_format_string::ConversionSpecifier;
    24. 

  24. using clang::analyze_scanf::ScanfConversionSpecifier;
    25. 

  25. using clang::analyze_scanf::ScanfSpecifier;
    26. 

  26. using clang::UpdateOnReturn;
    27. 

  27. using namespace clang;
    28. 

  28. 

  29. typedef clang::analyze_format_string::SpecifierResult<ScanfSpecifier>
    30. 

  30.         ScanfSpecifierResult;
    31. 

  31. 

  32. static bool ParseScanList(FormatStringHandler &H,
    33. 

  33.                           ScanfConversionSpecifier &CS,
    34. 

  34.                           const char *&Beg, const char *E) {
    35. 

  35.   const char *I = Beg;
    36. 

  36.   const char *start = I - 1;
    37. 

  37.   UpdateOnReturn <const char*> UpdateBeg(Beg, I);
    38. 

  38. 

  39.   // No more characters?
    40. 

  40.   if (I == E) {
    41. 

  41.     H.HandleIncompleteScanList(start, I);
    42. 

  42.     return true;
    43. 

  43.   }
    44. 

  44.   
    45. 

  45.   // Special case: ']' is the first character.
    46. 

  46.   if (*I == ']') {
    47. 

  47.     if (++I == E) {
    48. 

  48.       H.HandleIncompleteScanList(start, I - 1);
    49. 

  49.       return true;
    50. 

  50.     }
    51. 

  51.   }
    52. 

  52. 

  53.   // Special case: "^]" are the first characters.
    54. 

  54.   if (I + 1 != E && I[0] == '^' && I[1] == ']') {
    55. 

  55.     I += 2;
    56. 

  56.     if (I == E) {
    57. 

  57.       H.HandleIncompleteScanList(start, I - 1);
    58. 

  58.       return true;
    59. 

  59.     }
    60. 

  60.   }
    61. 

  61. 

  62.   // Look for a ']' character which denotes the end of the scan list.
    63. 

  63.   while (*I != ']') {
    64. 

  64.     if (++I == E) {
    65. 

  65.       H.HandleIncompleteScanList(start, I - 1);
    66. 

  66.       return true;
    67. 

  67.     }
    68. 

  68.   }    
    69. 

  69. 

  70.   CS.setEndScanList(I);
    71. 

  71.   return false;
    72. 

  72. }
    73. 

  73. 

  74. // FIXME: Much of this is copy-paste from ParsePrintfSpecifier.
    75. 

  75. // We can possibly refactor.
    76. 

  76. static ScanfSpecifierResult ParseScanfSpecifier(FormatStringHandler &H,
    77. 

  77.                                                 const char *&Beg,
    78. 

  78.                                                 const char *E,
    79. 

  79.                                                 unsigned &argIndex,
    80. 

  80.                                                 const LangOptions &LO,
    81. 

  81.                                                 const TargetInfo &Target) {
    82. 

  82.   
    83. 

  83.   using namespace clang::analyze_scanf;
    84. 

  84.   const char *I = Beg;
    85. 

  85.   const char *Start = nullptr;
    86. 

  86.   UpdateOnReturn <const char*> UpdateBeg(Beg, I);
    87. 

  87. 

  88.     // Look for a '%' character that indicates the start of a format specifier.
    89. 

  89.   for ( ; I != E ; ++I) {
    90. 

  90.     char c = *I;
    91. 

  91.     if (c == '\0') {
    92. 

  92.         // Detect spurious null characters, which are likely errors.
    93. 

  93.       H.HandleNullChar(I);
    94. 

  94.       return true;
    95. 

  95.     }
    96. 

  96.     if (c == '%') {
    97. 

  97.       Start = I++;  // Record the start of the format specifier.
    98. 

  98.       break;
    99. 

  99.     }
    100. 

  100.   }
    101. 

  101.   
    102. 

  102.     // No format specifier found?
    103. 

  103.   if (!Start)
    104. 

  104.     return false;
    105. 

  105.   
    106. 

  106.   if (I == E) {
    107. 

  107.       // No more characters left?
    108. 

  108.     H.HandleIncompleteSpecifier(Start, E - Start);
    109. 

  109.     return true;
    110. 

  110.   }
    111. 

  111.   
    112. 

  112.   ScanfSpecifier FS;
    113. 

  113.   if (ParseArgPosition(H, FS, Start, I, E))
    114. 

  114.     return true;
    115. 

  115. 

  116.   if (I == E) {
    117. 

  117.       // No more characters left?
    118. 

  118.     H.HandleIncompleteSpecifier(Start, E - Start);
    119. 

  119.     return true;
    120. 

  120.   }
    121. 

  121.   
    122. 

  122.   // Look for '*' flag if it is present.
    123. 

  123.   if (*I == '*') {
    124. 

  124.     FS.setSuppressAssignment(I);
    125. 

  125.     if (++I == E) {
    126. 

  126.       H.HandleIncompleteSpecifier(Start, E - Start);
    127. 

  127.       return true;
    128. 

  128.     }
    129. 

  129.   }
    130. 

  130.   
    131. 

  131.   // Look for the field width (if any).  Unlike printf, this is either
    132. 

  132.   // a fixed integer or isn't present.
    133. 

  133.   const OptionalAmount &Amt = clang::analyze_format_string::ParseAmount(I, E);
    134. 

  134.   if (Amt.getHowSpecified() != OptionalAmount::NotSpecified) {
    135. 

  135.     assert(Amt.getHowSpecified() == OptionalAmount::Constant);
    136. 

  136.     FS.setFieldWidth(Amt);
    137. 

  137. 

  138.     if (I == E) {
    139. 

  139.       // No more characters left?
    140. 

  140.       H.HandleIncompleteSpecifier(Start, E - Start);
    141. 

  141.       return true;
    142. 

  142.     }
    143. 

  143.   }
    144. 

  144.   
    145. 

  145.   // Look for the length modifier.
    146. 

  146.   if (ParseLengthModifier(FS, I, E, LO, /*scanf=*/true) && I == E) {
    147. 

  147.       // No more characters left?
    148. 

  148.     H.HandleIncompleteSpecifier(Start, E - Start);
    149. 

  149.     return true;
    150. 

  150.   }
    151. 

  151.   
    152. 

  152.   // Detect spurious null characters, which are likely errors.
    153. 

  153.   if (*I == '\0') {
    154. 

  154.     H.HandleNullChar(I);
    155. 

  155.     return true;
    156. 

  156.   }
    157. 

  157.   
    158. 

  158.   // Finally, look for the conversion specifier.
    159. 

  159.   const char *conversionPosition = I++;
    160. 

  160.   ScanfConversionSpecifier::Kind k = ScanfConversionSpecifier::InvalidSpecifier;
    161. 

  161.   switch (*conversionPosition) {
    162. 

  162.     default:
    163. 

  163.       break;
    164. 

  164.     case '%': k = ConversionSpecifier::PercentArg;   break;
    165. 

  165.     case 'A': k = ConversionSpecifier::AArg; break;
    166. 

  166.     case 'E': k = ConversionSpecifier::EArg; break;
    167. 

  167.     case 'F': k = ConversionSpecifier::FArg; break;
    168. 

  168.     case 'G': k = ConversionSpecifier::GArg; break;
    169. 

  169.     case 'X': k = ConversionSpecifier::XArg; break;
    170. 

  170.     case 'a': k = ConversionSpecifier::aArg; break;
    171. 

  171.     case 'd': k = ConversionSpecifier::dArg; break;
    172. 

  172.     case 'e': k = ConversionSpecifier::eArg; break;
    173. 

  173.     case 'f': k = ConversionSpecifier::fArg; break;
    174. 

  174.     case 'g': k = ConversionSpecifier::gArg; break;
    175. 

  175.     case 'i': k = ConversionSpecifier::iArg; break;
    176. 

  176.     case 'n': k = ConversionSpecifier::nArg; break;
    177. 

  177.     case 'c': k = ConversionSpecifier::cArg; break;
    178. 

  178.     case 'C': k = ConversionSpecifier::CArg; break;
    179. 

  179.     case 'S': k = ConversionSpecifier::SArg; break;
    180. 

  180.     case '[': k = ConversionSpecifier::ScanListArg; break;
    181. 

  181.     case 'u': k = ConversionSpecifier::uArg; break;
    182. 

  182.     case 'x': k = ConversionSpecifier::xArg; break;
    183. 

  183.     case 'o': k = ConversionSpecifier::oArg; break;
    184. 

  184.     case 's': k = ConversionSpecifier::sArg; break;
    185. 

  185.     case 'p': k = ConversionSpecifier::pArg; break;
    186. 

  186.     // Apple extensions
    187. 

  187.       // Apple-specific
    188. 

  188.     case 'D':
    189. 

  189.       if (Target.getTriple().isOSDarwin())
    190. 

  190.         k = ConversionSpecifier::DArg;
    191. 

  191.       break;
    192. 

  192.     case 'O':
    193. 

  193.       if (Target.getTriple().isOSDarwin())
    194. 

  194.         k = ConversionSpecifier::OArg;
    195. 

  195.       break;
    196. 

  196.     case 'U':
    197. 

  197.       if (Target.getTriple().isOSDarwin())
    198. 

  198.         k = ConversionSpecifier::UArg;
    199. 

  199.       break;
    200. 

  200.   }
    201. 

  201.   ScanfConversionSpecifier CS(conversionPosition, k);
    202. 

  202.   if (k == ScanfConversionSpecifier::ScanListArg) {
    203. 

  203.     if (ParseScanList(H, CS, I, E))
    204. 

  204.       return true;
    205. 

  205.   }
    206. 

  206.   FS.setConversionSpecifier(CS);
    207. 

  207.   if (CS.consumesDataArgument() && !FS.getSuppressAssignment()
    208. 

  208.       && !FS.usesPositionalArg())
    209. 

  209.     FS.setArgIndex(argIndex++);
    210. 

  210.   
    211. 

  211.   // FIXME: '%' and '*' doesn't make sense.  Issue a warning.
    212. 

  212.   // FIXME: 'ConsumedSoFar' and '*' doesn't make sense.
    213. 

  213.   
    214. 

  214.   if (k == ScanfConversionSpecifier::InvalidSpecifier) {
    215. 

  215.     // Assume the conversion takes one argument.
    216. 

  216.     return !H.HandleInvalidScanfConversionSpecifier(FS, Beg, I - Beg);
    217. 

  217.   }
    218. 

  218.   return ScanfSpecifierResult(Start, FS);
    219. 

  219. }
    220. 

  220. 

  221. ArgType ScanfSpecifier::getArgType(ASTContext &Ctx) const {
    222. 

  222.   const ScanfConversionSpecifier &CS = getConversionSpecifier();
    223. 

  223. 

  224.   if (!CS.consumesDataArgument())
    225. 

  225.     return ArgType::Invalid();
    226. 

  226. 

  227.   switch(CS.getKind()) {
    228. 

  228.     // Signed int.
    229. 

  229.     case ConversionSpecifier::dArg:
    230. 

  230.     case ConversionSpecifier::DArg:
    231. 

  231.     case ConversionSpecifier::iArg:
    232. 

  232.       switch (LM.getKind()) {
    233. 

  233.         case LengthModifier::None:
    234. 

  234.           return ArgType::PtrTo(Ctx.IntTy);
    235. 

  235.         case LengthModifier::AsChar:
    236. 

  236.           return ArgType::PtrTo(ArgType::AnyCharTy);
    237. 

  237.         case LengthModifier::AsShort:
    238. 

  238.           return ArgType::PtrTo(Ctx.ShortTy);
    239. 

  239.         case LengthModifier::AsLong:
    240. 

  240.           return ArgType::PtrTo(Ctx.LongTy);
    241. 

  241.         case LengthModifier::AsLongLong:
    242. 

  242.         case LengthModifier::AsQuad:
    243. 

  243.           return ArgType::PtrTo(Ctx.LongLongTy);
    244. 

  244.         case LengthModifier::AsInt64:
    245. 

  245.           return ArgType::PtrTo(ArgType(Ctx.LongLongTy, "__int64"));
    246. 

  246.         case LengthModifier::AsIntMax:
    247. 

  247.           return ArgType::PtrTo(ArgType(Ctx.getIntMaxType(), "intmax_t"));
    248. 

  248.         case LengthModifier::AsSizeT:
    249. 

  249.           // FIXME: ssize_t.
    250. 

  250.           return ArgType();
    251. 

  251.         case LengthModifier::AsPtrDiff:
    252. 

  252.           return ArgType::PtrTo(ArgType(Ctx.getPointerDiffType(), "ptrdiff_t"));
    253. 

  253.         case LengthModifier::AsLongDouble:
    254. 

  254.           // GNU extension.
    255. 

  255.           return ArgType::PtrTo(Ctx.LongLongTy);
    256. 

  256.         case LengthModifier::AsAllocate:
    257. 

  257.         case LengthModifier::AsMAllocate:
    258. 

  258.         case LengthModifier::AsInt32:
    259. 

  259.         case LengthModifier::AsInt3264:
    260. 

  260.         case LengthModifier::AsWide:
    261. 

  261.           return ArgType::Invalid();
    262. 

  262.       }
    263. 

  263. 

  264.     // Unsigned int.
    265. 

  265.     case ConversionSpecifier::oArg:
    266. 

  266.     case ConversionSpecifier::OArg:
    267. 

  267.     case ConversionSpecifier::uArg:
    268. 

  268.     case ConversionSpecifier::UArg:
    269. 

  269.     case ConversionSpecifier::xArg:
    270. 

  270.     case ConversionSpecifier::XArg:
    271. 

  271.       switch (LM.getKind()) {
    272. 

  272.         case LengthModifier::None:
    273. 

  273.           return ArgType::PtrTo(Ctx.UnsignedIntTy);
    274. 

  274.         case LengthModifier::AsChar:
    275. 

  275.           return ArgType::PtrTo(Ctx.UnsignedCharTy);
    276. 

  276.         case LengthModifier::AsShort:
    277. 

  277.           return ArgType::PtrTo(Ctx.UnsignedShortTy);
    278. 

  278.         case LengthModifier::AsLong:
    279. 

  279.           return ArgType::PtrTo(Ctx.UnsignedLongTy);
    280. 

  280.         case LengthModifier::AsLongLong:
    281. 

  281.         case LengthModifier::AsQuad:
    282. 

  282.           return ArgType::PtrTo(Ctx.UnsignedLongLongTy);
    283. 

  283.         case LengthModifier::AsInt64:
    284. 

  284.           return ArgType::PtrTo(ArgType(Ctx.UnsignedLongLongTy, "unsigned __int64"));
    285. 

  285.         case LengthModifier::AsIntMax:
    286. 

  286.           return ArgType::PtrTo(ArgType(Ctx.getUIntMaxType(), "uintmax_t"));
    287. 

  287.         case LengthModifier::AsSizeT:
    288. 

  288.           return ArgType::PtrTo(ArgType(Ctx.getSizeType(), "size_t"));
    289. 

  289.         case LengthModifier::AsPtrDiff:
    290. 

  290.           // FIXME: Unsigned version of ptrdiff_t?
    291. 

  291.           return ArgType();
    292. 

  292.         case LengthModifier::AsLongDouble:
    293. 

  293.           // GNU extension.
    294. 

  294.           return ArgType::PtrTo(Ctx.UnsignedLongLongTy);
    295. 

  295.         case LengthModifier::AsAllocate:
    296. 

  296.         case LengthModifier::AsMAllocate:
    297. 

  297.         case LengthModifier::AsInt32:
    298. 

  298.         case LengthModifier::AsInt3264:
    299. 

  299.         case LengthModifier::AsWide:
    300. 

  300.           return ArgType::Invalid();
    301. 

  301.       }
    302. 

  302. 

  303.     // Float.
    304. 

  304.     case ConversionSpecifier::aArg:
    305. 

  305.     case ConversionSpecifier::AArg:
    306. 

  306.     case ConversionSpecifier::eArg:
    307. 

  307.     case ConversionSpecifier::EArg:
    308. 

  308.     case ConversionSpecifier::fArg:
    309. 

  309.     case ConversionSpecifier::FArg:
    310. 

  310.     case ConversionSpecifier::gArg:
    311. 

  311.     case ConversionSpecifier::GArg:
    312. 

  312.       switch (LM.getKind()) {
    313. 

  313.         case LengthModifier::None:
    314. 

  314.           return ArgType::PtrTo(Ctx.FloatTy);
    315. 

  315.         case LengthModifier::AsLong:
    316. 

  316.           return ArgType::PtrTo(Ctx.DoubleTy);
    317. 

  317.         case LengthModifier::AsLongDouble:
    318. 

  318.           return ArgType::PtrTo(Ctx.LongDoubleTy);
    319. 

  319.         default:
    320. 

  320.           return ArgType::Invalid();
    321. 

  321.       }
    322. 

  322. 

  323.     // Char, string and scanlist.
    324. 

  324.     case ConversionSpecifier::cArg:
    325. 

  325.     case ConversionSpecifier::sArg:
    326. 

  326.     case ConversionSpecifier::ScanListArg:
    327. 

  327.       switch (LM.getKind()) {
    328. 

  328.         case LengthModifier::None:
    329. 

  329.           return ArgType::PtrTo(ArgType::AnyCharTy);
    330. 

  330.         case LengthModifier::AsLong:
    331. 

  331.         case LengthModifier::AsWide:
    332. 

  332.           return ArgType::PtrTo(ArgType(Ctx.getWideCharType(), "wchar_t"));
    333. 

  333.         case LengthModifier::AsAllocate:
    334. 

  334.         case LengthModifier::AsMAllocate:
    335. 

  335.           return ArgType::PtrTo(ArgType::CStrTy);
    336. 

  336.         case LengthModifier::AsShort:
    337. 

  337.           if (Ctx.getTargetInfo().getTriple().isOSMSVCRT())
    338. 

  338.             return ArgType::PtrTo(ArgType::AnyCharTy);
    339. 

  339.         default:
    340. 

  340.           return ArgType::Invalid();
    341. 

  341.       }
    342. 

  342.     case ConversionSpecifier::CArg:
    343. 

  343.     case ConversionSpecifier::SArg:
    344. 

  344.       // FIXME: Mac OS X specific?
    345. 

  345.       switch (LM.getKind()) {
    346. 

  346.         case LengthModifier::None:
    347. 

  347.         case LengthModifier::AsWide:
    348. 

  348.           return ArgType::PtrTo(ArgType(Ctx.getWideCharType(), "wchar_t"));
    349. 

  349.         case LengthModifier::AsAllocate:
    350. 

  350.         case LengthModifier::AsMAllocate:
    351. 

  351.           return ArgType::PtrTo(ArgType(ArgType::WCStrTy, "wchar_t *"));
    352. 

  352.         case LengthModifier::AsShort:
    353. 

  353.           if (Ctx.getTargetInfo().getTriple().isOSMSVCRT())
    354. 

  354.             return ArgType::PtrTo(ArgType::AnyCharTy);
    355. 

  355.         default:
    356. 

  356.           return ArgType::Invalid();
    357. 

  357.       }
    358. 

  358. 

  359.     // Pointer.
    360. 

  360.     case ConversionSpecifier::pArg:
    361. 

  361.       return ArgType::PtrTo(ArgType::CPointerTy);
    362. 

  362. 

  363.     // Write-back.
    364. 

  364.     case ConversionSpecifier::nArg:
    365. 

  365.       switch (LM.getKind()) {
    366. 

  366.         case LengthModifier::None:
    367. 

  367.           return ArgType::PtrTo(Ctx.IntTy);
    368. 

  368.         case LengthModifier::AsChar:
    369. 

  369.           return ArgType::PtrTo(Ctx.SignedCharTy);
    370. 

  370.         case LengthModifier::AsShort:
    371. 

  371.           return ArgType::PtrTo(Ctx.ShortTy);
    372. 

  372.         case LengthModifier::AsLong:
    373. 

  373.           return ArgType::PtrTo(Ctx.LongTy);
    374. 

  374.         case LengthModifier::AsLongLong:
    375. 

  375.         case LengthModifier::AsQuad:
    376. 

  376.           return ArgType::PtrTo(Ctx.LongLongTy);
    377. 

  377.         case LengthModifier::AsInt64:
    378. 

  378.           return ArgType::PtrTo(ArgType(Ctx.LongLongTy, "__int64"));
    379. 

  379.         case LengthModifier::AsIntMax:
    380. 

  380.           return ArgType::PtrTo(ArgType(Ctx.getIntMaxType(), "intmax_t"));
    381. 

  381.         case LengthModifier::AsSizeT:
    382. 

  382.           return ArgType(); // FIXME: ssize_t
    383. 

  383.         case LengthModifier::AsPtrDiff:
    384. 

  384.           return ArgType::PtrTo(ArgType(Ctx.getPointerDiffType(), "ptrdiff_t"));
    385. 

  385.         case LengthModifier::AsLongDouble:
    386. 

  386.           return ArgType(); // FIXME: Is this a known extension?
    387. 

  387.         case LengthModifier::AsAllocate:
    388. 

  388.         case LengthModifier::AsMAllocate:
    389. 

  389.         case LengthModifier::AsInt32:
    390. 

  390.         case LengthModifier::AsInt3264:
    391. 

  391.         case LengthModifier::AsWide:
    392. 

  392.           return ArgType::Invalid();
    393. 

  393.         }
    394. 

  394. 

  395.     default:
    396. 

  396.       break;
    397. 

  397.   }
    398. 

  398. 

  399.   return ArgType();
    400. 

  400. }
    401. 

  401. 

  402. bool ScanfSpecifier::fixType(QualType QT, QualType RawQT,
    403. 

  403.                              const LangOptions &LangOpt,
    404. 

  404.                              ASTContext &Ctx) {
    405. 

  405. 

  406.   // %n is different from other conversion specifiers; don't try to fix it.
    407. 

  407.   if (CS.getKind() == ConversionSpecifier::nArg)
    408. 

  408.     return false;
    409. 

  409. 

  410.   if (!QT->isPointerType())
    411. 

  411.     return false;
    412. 

  412. 

  413.   QualType PT = QT->getPointeeType();
    414. 

  414. 

  415.   // If it's an enum, get its underlying type.
    416. 

  416.   if (const EnumType *ETy = PT->getAs<EnumType>())
    417. 

  417.     PT = ETy->getDecl()->getIntegerType();
    418. 

  418. 

  419.   const BuiltinType *BT = PT->getAs<BuiltinType>();
    420. 

  420.   if (!BT)
    421. 

  421.     return false;
    422. 

  422. 

  423.   // Pointer to a character.
    424. 

  424.   if (PT->isAnyCharacterType()) {
    425. 

  425.     CS.setKind(ConversionSpecifier::sArg);
    426. 

  426.     if (PT->isWideCharType())
    427. 

  427.       LM.setKind(LengthModifier::AsWideChar);
    428. 

  428.     else
    429. 

  429.       LM.setKind(LengthModifier::None);
    430. 

  430. 

  431.     // If we know the target array length, we can use it as a field width.
    432. 

  432.     if (const ConstantArrayType *CAT = Ctx.getAsConstantArrayType(RawQT)) {
    433. 

  433.       if (CAT->getSizeModifier() == ArrayType::Normal)
    434. 

  434.         FieldWidth = OptionalAmount(OptionalAmount::Constant,
    435. 

  435.                                     CAT->getSize().getZExtValue() - 1,
    436. 

  436.                                     "", 0, false);
    437. 

  437. 

  438.     }
    439. 

  439.     return true;
    440. 

  440.   }
    441. 

  441. 

  442.   // Figure out the length modifier.
    443. 

  443.   switch (BT->getKind()) {
    444. 

  444.     // no modifier
    445. 

  445.     case BuiltinType::UInt:
    446. 

  446.     case BuiltinType::Int:
    447. 

  447.     case BuiltinType::Float:
    448. 

  448.       LM.setKind(LengthModifier::None);
    449. 

  449.       break;
    450. 

  450. 

  451.     // hh
    452. 

  452.     case BuiltinType::Char_U:
    453. 

  453.     case BuiltinType::UChar:
    454. 

  454.     case BuiltinType::Char_S:
    455. 

  455.     case BuiltinType::SChar:
    456. 

  456.       LM.setKind(LengthModifier::AsChar);
    457. 

  457.       break;
    458. 

  458. 

  459.     // h
    460. 

  460.     case BuiltinType::Short:
    461. 

  461.     case BuiltinType::UShort:
    462. 

  462.       LM.setKind(LengthModifier::AsShort);
    463. 

  463.       break;
    464. 

  464. 

  465.     // l
    466. 

  466.     case BuiltinType::Long:
    467. 

  467.     case BuiltinType::ULong:
    468. 

  468.     case BuiltinType::Double:
    469. 

  469.       LM.setKind(LengthModifier::AsLong);
    470. 

  470.       break;
    471. 

  471. 

  472.     // ll
    473. 

  473.     case BuiltinType::LongLong:
    474. 

  474.     case BuiltinType::ULongLong:
    475. 

  475.       LM.setKind(LengthModifier::AsLongLong);
    476. 

  476.       break;
    477. 

  477. 

  478.     // L
    479. 

  479.     case BuiltinType::LongDouble:
    480. 

  480.       LM.setKind(LengthModifier::AsLongDouble);
    481. 

  481.       break;
    482. 

  482. 

  483.     // Don't know.
    484. 

  484.     default:
    485. 

  485.       return false;
    486. 

  486.   }
    487. 

  487. 

  488.   // Handle size_t, ptrdiff_t, etc. that have dedicated length modifiers in C99.
    489. 

  489.   if (isa<TypedefType>(PT) && (LangOpt.C99 || LangOpt.CPlusPlus11))
    490. 

  490.     namedTypeToLengthModifier(PT, LM);
    491. 

  491. 

  492.   // If fixing the length modifier was enough, we are done.
    493. 

  493.   if (hasValidLengthModifier(Ctx.getTargetInfo())) {
    494. 

  494.     const analyze_scanf::ArgType &AT = getArgType(Ctx);
    495. 

  495.     if (AT.isValid() && AT.matchesType(Ctx, QT))
    496. 

  496.       return true;
    497. 

  497.   }
    498. 

  498. 

  499.   // Figure out the conversion specifier.
    500. 

  500.   if (PT->isRealFloatingType())
    501. 

  501.     CS.setKind(ConversionSpecifier::fArg);
    502. 

  502.   else if (PT->isSignedIntegerType())
    503. 

  503.     CS.setKind(ConversionSpecifier::dArg);
    504. 

  504.   else if (PT->isUnsignedIntegerType())
    505. 

  505.     CS.setKind(ConversionSpecifier::uArg);
    506. 

  506.   else
    507. 

  507.     llvm_unreachable("Unexpected type");
    508. 

  508. 

  509.   return true;
    510. 

  510. }
    511. 

  511. 

  512. void ScanfSpecifier::toString(raw_ostream &os) const {
    513. 

  513.   os << "%";
    514. 

  514. 

  515.   if (usesPositionalArg())
    516. 

  516.     os << getPositionalArgIndex() << "$";
    517. 

  517.   if (SuppressAssignment)
    518. 

  518.     os << "*";
    519. 

  519. 

  520.   FieldWidth.toString(os);
    521. 

  521.   os << LM.toString();
    522. 

  522.   os << CS.toString();
    523. 

  523. }
    524. 

  524. 

  525. bool clang::analyze_format_string::ParseScanfString(FormatStringHandler &H,
    526. 

  526.                                                     const char *I,
    527. 

  527.                                                     const char *E,
    528. 

  528.                                                     const LangOptions &LO,
    529. 

  529.                                                     const TargetInfo &Target) {
    530. 

  530.   
    531. 

  531.   unsigned argIndex = 0;
    532. 

  532.   
    533. 

  533.   // Keep looking for a format specifier until we have exhausted the string.
    534. 

  534.   while (I != E) {
    535. 

  535.     const ScanfSpecifierResult &FSR = ParseScanfSpecifier(H, I, E, argIndex,
    536. 

  536.                                                           LO, Target);
    537. 

  537.     // Did a fail-stop error of any kind occur when parsing the specifier?
    538. 

  538.     // If so, don't do any more processing.
    539. 

  539.     if (FSR.shouldStop())
    540. 

  540.       return true;
    541. 

  541.       // Did we exhaust the string or encounter an error that
    542. 

  542.       // we can recover from?
    543. 

  543.     if (!FSR.hasValue())
    544. 

  544.       continue;
    545. 

  545.       // We have a format specifier.  Pass it to the callback.
    546. 

  546.     if (!H.HandleScanfSpecifier(FSR.getValue(), FSR.getStart(),
    547. 

  547.                                 I - FSR.getStart())) {
    548. 

  548.       return true;
    549. 

  549.     }
    550. 

  550.   }
    551. 

  551.   assert(I == E && "Format string not exhausted");
    552. 

  552.   return false;
    553. 

  553. }
    554.