non-literal strftime format string is not unsafe.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150009 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/lib/Sema/SemaChecking.cpp b/lib/Sema/SemaChecking.cpp
index c3b957c..378930a 100644
--- a/lib/Sema/SemaChecking.cpp
+++ b/lib/Sema/SemaChecking.cpp
@@ -1584,6 +1584,11 @@
format_idx, firstDataArg, Type))
return; // Literal format string found, check done!
+ // Strftime is particular as it always uses a single 'time' argument,
+ // so it is safe to pass a non-literal string.
+ if (Type == FST_Strftime)
+ return;
+
// Do not emit diag when the string param is a macro expansion and the
// format is either NSString or CFString. This is a hack to prevent
// diag when using the NSLocalizedString and CFCopyLocalizedString macros
diff --git a/test/Sema/format-strings.c b/test/Sema/format-strings.c
index 3a95df5..dcff75a 100644
--- a/test/Sema/format-strings.c
+++ b/test/Sema/format-strings.c
@@ -491,6 +491,7 @@
void test_other_formats() {
char *str = "";
monformat("", 1); // expected-warning{{format string is empty}}
+ monformat(str); // expected-warning{{format string is not a string literal (potentially insecure)}}
dateformat(""); // expected-warning{{format string is empty}}
- dateformat(str); // expected-warning{{format string is not a string literal (potentially insecure)}}
+ dateformat(str); // no-warning (using strftime non literal is not unsafe)
}
