From 42c467a11d55c2ecadbf961580d2e9d9211a9a79 Mon Sep 17 00:00:00 2001
From: Marc Mutz
Date: Mon, 29 Jul 2024 20:10:50 +0200
Subject: [PATCH] Add __attribute__((format(printf()))) to q(v)nprintf()

They were lacking it since the start of the public history, and porting to std::snprintf() (which has the warning) as part of making Qt compile with QT_NO_SNPRINTF has turned up surprisingly many -Wformat warnings, so enable the warning for the remaining (non-tree) users. Backporting aggressively, as this might unearth security bugs in user code.

[ChangeLog][QtCore][q(v)snprintf] Added attributes for GCC-compatible compilers to detect format/argument mismatches. If this throws warnings for your calls now, don't ignore them. printf() format mistakes could be security-relevant. You may also find that you relied on undocumented behavior, such as that certain implementations (Windows, Android, WASM) of qsnprintf() support char16_t* instead of wchar_t* for %ls. In that case, you should port to qUtf16Printable() and QString::asprintf(), or suppress the warning and port away from the platform dependence at your earliest convenience.

Task-number: QTBUG-127110
Pick-to: 6.7 6.5 6.2 5.15
Change-Id: I5c1fd9b2d5d2d55c68773f33edfd76acacd2408c
Reviewed-by: Volker Hilsheimer
Reviewed-by: Jason McDonald
(cherry picked from commit 64416d3cf645187385d8ad90bc44d9c8e9ce864f)
Reviewed-by: Qt Cherry-pick Bot
---
 src/corelib/text/qbytearrayalgorithms.h | 6 ++++--
 tests/auto/corelib/text/qbytearray/tst_qbytearray.cpp | 4 ++++
 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/corelib/text/qbytearrayalgorithms.h b/src/corelib/text/qbytearrayalgorithms.h
index 649ec2e39bd..5b2b71838fa 100644
--- a/src/corelib/text/qbytearrayalgorithms.h
+++ b/src/corelib/text/qbytearrayalgorithms.h
@@ -139,8 +139,10 @@ Q_CORE_EXPORT int qstrnicmp(const char *, const char *, size_t len);
 Q_CORE_EXPORT int qstrnicmp(const char *, qsizetype, const char *, qsizetype = -1);
 // implemented in qvsnprintf.cpp
-Q_CORE_EXPORT int qvsnprintf(char *str, size_t n, const char *fmt, va_list ap);
-Q_CORE_EXPORT int qsnprintf(char *str, size_t n, const char *fmt, ...);
+Q_CORE_EXPORT int qvsnprintf(char *str, size_t n, const char *fmt, va_list ap)
+ Q_ATTRIBUTE_FORMAT_PRINTF(3, 0);
+Q_CORE_EXPORT int qsnprintf(char *str, size_t n, const char *fmt, ...)
+ Q_ATTRIBUTE_FORMAT_PRINTF(3, 4);
 // qChecksum: Internet checksum
 Q_CORE_EXPORT quint16 qChecksum(QByteArrayView data, Qt::ChecksumType standard = Qt::ChecksumIso3309);
diff --git a/tests/auto/corelib/text/qbytearray/tst_qbytearray.cpp b/tests/auto/corelib/text/qbytearray/tst_qbytearray.cpp
index fea603faed7..29103b5e3d4 100644
--- a/tests/auto/corelib/text/qbytearray/tst_qbytearray.cpp
+++ b/tests/auto/corelib/text/qbytearray/tst_qbytearray.cpp
@@ -716,7 +716,11 @@ void tst_QByteArray::qvsnprintf()
 #ifndef Q_OS_WIN
 memset(buf, 42, sizeof(buf));
+ QT_WARNING_PUSH
+ QT_WARNING_DISABLE_GCC("-Wformat-zero-length")
+ QT_WARNING_DISABLE_CLANG("-Wformat-zero-length")
 QCOMPARE(::qsnprintf(buf, 10, ""), 0);
+ QT_WARNING_POP
 #endif
 }
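Review bot: The re-declared `qvsnprintf()` and `qsnprintf()` prototypes in qbytearrayalgorithms.h gain the format attribute but no comment saying what it does and does not check; `// implemented in qvsnprintf.cpp` remains the only documentation at the declaration. With `(3, 0)` the compiler can validate only the format string of `qvsnprintf()`, not the contents of the `va_list`. Format checking also applies to literal format strings, so a caller passing a runtime string as `fmt` is not diagnosed by this change unless something like `-Wformat-security` is enabled. I would add above the two declarations: `// fmt must be a printf-style literal under the caller's control; the format attribute is checked on GCC-compatible compilers only and cannot validate a va_list.`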
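Review bot: The `-Wformat-zero-length` suppression added around `QCOMPARE(::qsnprintf(buf, 10, ""), 0);` in tst_qbytearray.cpp has no comment explaining why it is there, so a later cleanup could drop it or widen it. A one-line comment before `QT_WARNING_PUSH` would do: `// the empty format string is the case under test; silence only -Wformat-zero-length here`. The push/pop pair limits the suppression to this one call and to this one diagnostic, and that narrow scope is worth keeping. The body of `tst_QByteArray::qvsnprintf()` starts outside this hunk.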