Merge pull request github#11149 from geoffw0/wrong-number-msg

C++: Clearer messages for the format args queries

Author: jketema

cpp/ql/src/Likely Bugs/Format/TooManyFormatArguments.ql

@@ -13,11 +13,18 @@
 
 import cpp
 
-from FormatLiteral fl, FormattingFunctionCall ffc, int expected, int given
+from FormatLiteral fl, FormattingFunctionCall ffc, int expected, int given, string ffcName
 where
   ffc = fl.getUse() and
   expected = fl.getNumArgNeeded() and
   given = ffc.getNumFormatArgument() and
   expected < given and
-  fl.specsAreKnown()
-select ffc, "Format expects " + expected.toString() + " arguments but given " + given.toString()
+  fl.specsAreKnown() and
+  (
+    if ffc.isInMacroExpansion()
+    then ffcName = ffc.getTarget().getName() + " (in a macro expansion)"
+    else ffcName = ffc.getTarget().getName()
+  )
+select ffc,
+  "Format for " + ffcName + " expects " + expected.toString() + " arguments but given " +
+    given.toString()

cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.ql

@@ -16,11 +16,18 @@
 
 import cpp
 
-from FormatLiteral fl, FormattingFunctionCall ffc, int expected, int given
+from FormatLiteral fl, FormattingFunctionCall ffc, int expected, int given, string ffcName
 where
   ffc = fl.getUse() and
   expected = fl.getNumArgNeeded() and
   given = ffc.getNumFormatArgument() and
   expected > given and
-  fl.specsAreKnown()
-select ffc, "Format expects " + expected.toString() + " arguments but given " + given.toString()
+  fl.specsAreKnown() and
+  (
+    if ffc.isInMacroExpansion()
+    then ffcName = ffc.getTarget().getName() + " (in a macro expansion)"
+    else ffcName = ffc.getTarget().getName()
+  )
+select ffc,
+  "Format for " + ffcName + " expects " + expected.toString() + " arguments but given " +
+    given.toString()

cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/TooManyFormatArguments.expected

@@ -1,14 +1,14 @@
-| a.c:18:3:18:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
-| b.c:15:3:15:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
-| c.c:7:3:7:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
-| custom_printf.cpp:31:5:31:12 | call to myPrintf | Format expects 2 arguments but given 3 |
-| macros.cpp:12:2:12:31 | call to printf | Format expects 2 arguments but given 3 |
-| macros.cpp:16:2:16:30 | call to printf | Format expects 2 arguments but given 3 |
-| test.c:7:2:7:7 | call to printf | Format expects 0 arguments but given 1 |
-| test.c:21:2:21:7 | call to printf | Format expects 2 arguments but given 3 |
-| test.c:27:3:27:8 | call to printf | Format expects 2 arguments but given 3 |
-| test.c:31:3:31:8 | call to printf | Format expects 1 arguments but given 3 |
-| test.c:32:3:32:8 | call to printf | Format expects 1 arguments but given 2 |
-| test.c:39:3:39:8 | call to printf | Format expects 2 arguments but given 5 |
-| test.c:40:3:40:8 | call to printf | Format expects 2 arguments but given 4 |
-| test.c:41:3:41:8 | call to printf | Format expects 2 arguments but given 3 |
+| a.c:18:3:18:25 | call to myMultiplyDefinedPrintf | Format for myMultiplyDefinedPrintf expects 1 arguments but given 2 |
+| b.c:15:3:15:25 | call to myMultiplyDefinedPrintf | Format for myMultiplyDefinedPrintf expects 1 arguments but given 2 |
+| c.c:7:3:7:25 | call to myMultiplyDefinedPrintf | Format for myMultiplyDefinedPrintf expects 1 arguments but given 2 |
+| custom_printf.cpp:31:5:31:12 | call to myPrintf | Format for myPrintf expects 2 arguments but given 3 |
+| macros.cpp:12:2:12:31 | call to printf | Format for printf (in a macro expansion) expects 2 arguments but given 3 |
+| macros.cpp:16:2:16:30 | call to printf | Format for printf (in a macro expansion) expects 2 arguments but given 3 |
+| test.c:7:2:7:7 | call to printf | Format for printf expects 0 arguments but given 1 |
+| test.c:21:2:21:7 | call to printf | Format for printf expects 2 arguments but given 3 |
+| test.c:27:3:27:8 | call to printf | Format for printf expects 2 arguments but given 3 |
+| test.c:31:3:31:8 | call to printf | Format for printf expects 1 arguments but given 3 |
+| test.c:32:3:32:8 | call to printf | Format for printf expects 1 arguments but given 2 |
+| test.c:39:3:39:8 | call to printf | Format for printf expects 2 arguments but given 5 |
+| test.c:40:3:40:8 | call to printf | Format for printf expects 2 arguments but given 4 |
+| test.c:41:3:41:8 | call to printf | Format for printf expects 2 arguments but given 3 |

cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/WrongNumberOfFormatArguments.expected

@@ -1,11 +1,12 @@
-| a.c:16:3:16:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
-| b.c:13:3:13:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
-| c.c:5:3:5:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
-| custom_printf.cpp:29:5:29:12 | call to myPrintf | Format expects 2 arguments but given 1 |
-| macros.cpp:14:2:14:37 | call to printf | Format expects 4 arguments but given 3 |
-| macros.cpp:21:2:21:36 | call to printf | Format expects 4 arguments but given 3 |
-| test.c:9:2:9:7 | call to printf | Format expects 1 arguments but given 0 |
-| test.c:12:2:12:7 | call to printf | Format expects 2 arguments but given 1 |
-| test.c:15:2:15:7 | call to printf | Format expects 3 arguments but given 2 |
-| test.c:19:2:19:7 | call to printf | Format expects 2 arguments but given 1 |
-| test.c:29:3:29:8 | call to printf | Format expects 2 arguments but given 1 |
+| a.c:16:3:16:25 | call to myMultiplyDefinedPrintf | Format for myMultiplyDefinedPrintf expects 1 arguments but given 0 |
+| b.c:13:3:13:25 | call to myMultiplyDefinedPrintf | Format for myMultiplyDefinedPrintf expects 1 arguments but given 0 |
+| c.c:5:3:5:25 | call to myMultiplyDefinedPrintf | Format for myMultiplyDefinedPrintf expects 1 arguments but given 0 |
+| custom_printf.cpp:29:5:29:12 | call to myPrintf | Format for myPrintf expects 2 arguments but given 1 |
+| macros.cpp:14:2:14:37 | call to printf | Format for printf (in a macro expansion) expects 4 arguments but given 3 |
+| macros.cpp:21:2:21:36 | call to printf | Format for printf (in a macro expansion) expects 4 arguments but given 3 |
+| macros.cpp:32:2:32:25 | call to printf | Format for printf (in a macro expansion) expects 1 arguments but given 0 |
+| test.c:9:2:9:7 | call to printf | Format for printf expects 1 arguments but given 0 |
+| test.c:12:2:12:7 | call to printf | Format for printf expects 2 arguments but given 1 |
+| test.c:15:2:15:7 | call to printf | Format for printf expects 3 arguments but given 2 |
+| test.c:19:2:19:7 | call to printf | Format for printf expects 2 arguments but given 1 |
+| test.c:29:3:29:8 | call to printf | Format for printf expects 2 arguments but given 1 |

cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/macros.cpp

@@ -13,10 +13,21 @@ void testMacros(int a, int b, int c)
 	GOODPRINTF("%i %i %i\n", a, b, c); // GOOD
 	GOODPRINTF("%i %i %i %i\n", a, b, c); // BAD: too few format arguments
 
-	BADPRINTF("%i %i\n", a, b, 0); // BAD: too many format arguments
+	BADPRINTF("%i %i\n", a, b, 0); // DUBIOUS: too many format arguments
 		// ^ here there are too many format arguments, but the design of the Macro forces the user
 		//   to do this, and the extra argument is harmlessly ignored in practice.  Reporting these
 		//   results can be extremely noisy (e.g. in openldap).
 	BADPRINTF("%i %i %i\n", a, b, c); // GOOD
 	BADPRINTF("%i %i %i %i\n", a, b, c); // BAD: too few format arguments
 }
+
+#define DOTHING(x) \
+	printf("doing thing: " #x); x
+
+void testMacros2()
+{
+	int x;
+
+	DOTHING(x++); // GOOD
+	DOTHING(printf("%i", x)); // BAD: the printf inside the macro has too few format arguments
+}