Browse Source

degesch: add static analysis for the logger

Caught two more occurences than I was able to find by just scanning
the source, so the effort wasn't in vain.
Přemysl Janouch 5 months ago
parent
commit
b1a89f313a
No known key found for this signature in database
2 changed files with 16 additions and 0 deletions
  1. 2
    0
      CMakeLists.txt
  2. 14
    0
      test-static

+ 2
- 0
CMakeLists.txt View File

@@ -180,6 +180,8 @@ endfunction (make_tests_for)
180 180
 include (CTest)
181 181
 if (BUILD_TESTING)
182 182
 	make_tests_for (degesch)
183
+	add_test (NAME custom-static-analysis
184
+		COMMAND ${PROJECT_SOURCE_DIR}/test-static)
183 185
 endif (BUILD_TESTING)
184 186
 
185 187
 # Various clang-based diagnostics, loads of fake positives and spam

+ 14
- 0
test-static View File

@@ -0,0 +1,14 @@
1
+#!/bin/sh
2
+# We don't use printf's percent notation with our custom logging mechanism,
3
+# so the compiler cannot check it for us like it usually does
4
+perl -n0777 - "$(dirname "$0")"/degesch.c <<-'END'
5
+	while (/\blog_[^ ]+\s*\([^"()]*"[^"]*%[^%][^"]*"/gm) {
6
+		my ($p, $m) = ($`, $&);
7
+		printf "$ARGV:%d: suspicious log format string: %s...\n",
8
+			(1 + $p =~ tr/\n//), ($m =~ s/\s+/ /rg);
9
+		$status = 1;
10
+	}
11
+	END {
12
+		exit $status;
13
+	}
14
+END

Loading…
Cancel
Save