Skip to content

Commit

Permalink
Annotate cfg_error with format attribute
Browse files Browse the repository at this point in the history 
Format attributes help compilers to warn on format string misuses, like:

    cfg_error(cfg, user_defined_input)  // potential security issue
    cfg_error(cfg, "foo %d", "bar")

    confuse.c:1246:20: warning: format string is not a string literal [-Wformat-nonliteral]
                    vfprintf(stderr, fmt, ap);
                                     ^~~

Guard the annotation with __GNUC__, defined by GCC and Clang, which
support the GNU extension of function format attributes.
  • Loading branch information
@cgzones
cgzones committed Sep 22, 2022
1 parent c605e3b commit 45cd40d
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions src/confuse.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -770,6 +770,9 @@ DLLIMPORT cfg_errfunc_t __export cfg_set_error_function(cfg_t *cfg, cfg_errfunc_
/** Show a parser error. Any user-defined error reporting function is called.
* @see cfg_set_error_function
*/
#ifdef __GNUC__
__attribute__((__format__(__printf__, 2, 3)))
#endif
DLLIMPORT void __export cfg_error(cfg_t *cfg, const char *fmt, ...);

/** Returns the option comment
Expand Down

0 comments on commit 45cd40d

Please sign in to comment.