[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Calling yyerror with non-literal parameter triggers warning

From: Kaz Kylheku
Subject: Re: Calling yyerror with non-literal parameter triggers warning
Date: Mon, 19 Aug 2019 15:46:41 -0700
User-agent: Roundcube Webmail/0.9.2

On 2019-08-19 13:05, August Karlstrom wrote:
When I use the default C compiler cc on macOS to compile a parser
generated by GNU Bison I get the following warning:

y.tab.c:3974:18: warning: format string is not a string literal
      (potentially insecure) [-Wformat-security]
        yyerror (yymsgp);
y.tab.c:3974:18: note: treat the string as an argument to avoid this
        yyerror (yymsgp);

As the warning suggests, GNU Bison should instead generate the call

yyerror ("%s", yymsgp);

That would almost certainly be wrong, since yyerror is a
one-argument function; its prototype is

  void yyerror(const char *);

(That is, that's the default one. Various Bison options can change
the type signature. The presence of %locations %define api.pure
adds a parameter to yyerror, as does %parse-param.)

A parser that needs to have a printf-like function should define
it as an auxiliary, e.g.:

   void yyerrorf(const char *fmt, ...)
      /* vsnprintf into buffer */
      /* call yyerror(buffer) */

Or possibly the other way around:

   void yyerror(const char *nofmt)
      yyerrorf("%s", nofmt);

reply via email to

[Prev in Thread] Current Thread [Next in Thread]