Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding -Wformat-nonliteral check #12763

Merged
merged 2 commits into from
Jan 6, 2022

Conversation

woody-apple
Copy link
Contributor

Problem

This can be a security issue, adding this to the base warrnings

Change overview

Adding -Wformat-nonliteral for clang

Testing

CI

@github-actions
Copy link

github-actions bot commented Dec 21, 2021

PR #12763: Size comparison from bf7feea to e202c8d

Full report (31 builds for efr32, esp32, k32w, linux, mbed, nrfconnect, p6, qpg, telink)
platform target config section bf7feea e202c8d change % change
efr32 lighting-app BRD4161A (read only) 830568 830568 0 0.0
(read/write) 127384 127384 0 0.0
.bss 125504 125504 0 0.0
.data 1876 1876 0 0.0
.text 830560 830560 0 0.0
BRD4161A+rpc (read only) 818196 818196 0 0.0
(read/write) 144048 144048 0 0.0
.bss 142072 142072 0 0.0
.data 1976 1976 0 0.0
.text 818188 818188 0 0.0
window-app BRD4161A (read only) 803944 803944 0 0.0
(read/write) 126320 126320 0 0.0
.bss 124488 124488 0 0.0
.data 1832 1832 0 0.0
.text 803936 803936 0 0.0
esp32 all-clusters-app c3devkit (read only) 883166 883166 0 0.0
(read/write) 1312986 1312986 0 0.0
.dram0.bss 69384 69384 0 0.0
.dram0.data 14220 14220 0 0.0
.flash.rodata 176320 176320 0 0.0
.flash.text 883166 883166 0 0.0
.iram0.text 62254 62254 0 0.0
m5stack (read only) 943435 943435 0 0.0
(read/write) 442080 442080 0 0.0
.dram0.bss 73888 73888 0 0.0
.dram0.data 34056 34056 0 0.0
.flash.rodata 203128 203128 0 0.0
.flash.text 938051 938051 0 0.0
.iram0.text 122671 122671 0 0.0
k32w light k32w061+release (read/write) 648764 648764 0 0.0
.bss 76512 76512 0 0.0
.data 1904 1904 0 0.0
.text 564548 564548 0 0.0
lock k32w061+release (read/write) 633472 633472 0 0.0
.bss 76224 76224 0 0.0
.data 1860 1860 0 0.0
.text 549588 549588 0 0.0
linux chip-tool-ipv6only arm64 (read only) 7006076 7006076 0 0.0
(read/write) 326289 326289 0 0.0
.bss 54641 54641 0 0.0
.data 1096 1096 0 0.0
.data.rel.ro 210144 210144 0 0.0
.dynamic 560 560 0 0.0
.got 56712 56712 0 0.0
.init 24 24 0 0.0
.init_array 168 168 0 0.0
.rodata 384228 384228 0 0.0
.text 5928548 5928548 0 0.0
thermostat-no-ble arm64 (read only) 2017908 2017908 0 0.0
(read/write) 144497 144497 0 0.0
.bss 64417 64417 0 0.0
.data 880 880 0 0.0
.data.rel.ro 72376 72376 0 0.0
.dynamic 560 560 0 0.0
.got 3888 3888 0 0.0
.init 24 24 0 0.0
.init_array 296 296 0 0.0
.rodata 128932 128932 0 0.0
.text 1676304 1676304 0 0.0
mbed all-clusters-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2340104 2340104 0 0.0
.bss 188660 188660 0 0.0
.data 5272 5272 0 0.0
.text 1302680 1302680 0 0.0
lighting-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2330576 2330576 0 0.0
.bss 180936 180936 0 0.0
.data 5552 5552 0 0.0
.text 1293176 1293176 0 0.0
lock-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2303672 2303672 0 0.0
.bss 179984 179984 0 0.0
.data 5544 5544 0 0.0
.text 1266272 1266272 0 0.0
pigweed-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 1140008 1140008 0 0.0
.bss 11756 11756 0 0.0
.data 4368 4368 0 0.0
.text 103392 103392 0 0.0
shell CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2053688 2053688 0 0.0
.bss 156972 156972 0 0.0
.data 4864 4864 0 0.0
.text 1016288 1016288 0 0.0
nrfconnect lighting-app nrf52840dk_nrf52840 (read/write) 935967 935967 0 0.0
bss 118428 118428 0 0.0
rodata 108124 108124 0 0.0
text 631864 631864 0 0.0
nrf52840dk_nrf52840+rpc (read/write) 922367 922367 0 0.0
bss 115472 115472 0 0.0
rodata 101540 101540 0 0.0
text 627176 627176 0 0.0
nrf5340dk_nrf5340_cpuapp (read/write) 859730 859730 0 0.0
bss 116712 116712 0 0.0
rodata 103048 103048 0 0.0
text 559308 559308 0 0.0
lock-app nrf52840dk_nrf52840 (read/write) 908111 908111 0 0.0
bss 117616 117616 0 0.0
rodata 103428 103428 0 0.0
text 609692 609692 0 0.0
nrf5340dk_nrf5340_cpuapp (read/write) 832042 832042 0 0.0
bss 115928 115928 0 0.0
rodata 98392 98392 0 0.0
text 537172 537172 0 0.0
pigweed-app nrf52840dk_nrf52840 (read/write) 542351 542351 0 0.0
bss 52588 52588 0 0.0
rodata 50668 50668 0 0.0
text 376892 376892 0 0.0
pump-app nrf52840dk_nrf52840 (read/write) 909375 909375 0 0.0
bss 117376 117376 0 0.0
rodata 103644 103644 0 0.0
text 610928 610928 0 0.0
pump-controller-app nrf52840dk_nrf52840 (read/write) 906191 906191 0 0.0
bss 117404 117404 0 0.0
rodata 102900 102900 0 0.0
text 608440 608440 0 0.0
shell nrf52840dk_nrf52840 (read/write) 796079 796079 0 0.0
bss 109464 109464 0 0.0
rodata 78096 78096 0 0.0
text 532048 532048 0 0.0
nrf5340dk_nrf5340_cpuapp (read/write) 708710 708710 0 0.0
bss 107352 107352 0 0.0
rodata 72396 72396 0 0.0
text 449544 449544 0 0.0
p6 all-clusters-app default (read/write) 2392056 2392056 0 0.0
.bss 116860 116860 0 0.0
.data 2552 2552 0 0.0
.text 1350320 1350320 0 0.0
light-app default (read/write) 2325104 2325104 0 0.0
.bss 106184 106184 0 0.0
.data 2384 2384 0 0.0
.text 1283368 1283368 0 0.0
lock-app default (read/write) 2297312 2297312 0 0.0
.bss 105064 105064 0 0.0
.data 2336 2336 0 0.0
.text 1255576 1255576 0 0.0
qpg lighting-app qpg6105+debug (read only) 532232 532232 0 0.0
(read/write) 146936 146936 0 0.0
.bss 86840 86840 0 0.0
.data 1004 1004 0 0.0
.text 526912 526912 0 0.0
lock-app qpg6105+debug (read only) 503912 503912 0 0.0
(read/write) 146940 146940 0 0.0
.bss 85976 85976 0 0.0
.data 952 952 0 0.0
.text 498592 498592 0 0.0
persistent-storage-app qpg6105+debug (read only) 106448 106448 0 0.0
(read/write) 146938 146938 0 0.0
.bss 36146 36146 0 0.0
.data 288 288 0 0.0
.text 101128 101128 0 0.0
telink lighting-app tlsr9518adk80d (read/write) 832258 832258 0 0.0
bss 87088 87088 0 0.0
noinit 37160 37160 0 0.0
text 580366 580366 0 0.0

@stale
Copy link

stale bot commented Dec 28, 2021

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

@stale stale bot added the stale Stale issue or PR label Dec 28, 2021
@bzbarsky-apple bzbarsky-apple removed the stale Stale issue or PR label Dec 31, 2021
src/lib/support/logging/Constants.h Outdated Show resolved Hide resolved
@github-actions
Copy link

github-actions bot commented Jan 6, 2022

PR #12763: Size comparison from 48d299f to 5ee66b3

Full report (19 builds for efr32, k32w, linux, mbed, p6, qpg, telink)
platform target config section 48d299f 5ee66b3 change % change
efr32 lighting-app BRD4161A (read only) 829396 829396 0 0.0
(read/write) 127068 127068 0 0.0
.bss 125192 125192 0 0.0
.data 1876 1876 0 0.0
.text 829388 829388 0 0.0
BRD4161A+rpc (read only) 816576 816576 0 0.0
(read/write) 143736 143736 0 0.0
.bss 141760 141760 0 0.0
.data 1976 1976 0 0.0
.text 816568 816568 0 0.0
window-app BRD4161A (read only) 802844 802844 0 0.0
(read/write) 126008 126008 0 0.0
.bss 124176 124176 0 0.0
.data 1832 1832 0 0.0
.text 802836 802836 0 0.0
k32w light k32w061+release (read/write) 648472 648472 0 0.0
.bss 76216 76216 0 0.0
.data 1904 1904 0 0.0
.text 564552 564552 0 0.0
lock k32w061+release (read/write) 633296 633296 0 0.0
.bss 75928 75928 0 0.0
.data 1860 1860 0 0.0
.text 549708 549708 0 0.0
linux chip-tool-ipv6only arm64 (read only) 7011468 7011468 0 0.0
(read/write) 324849 324849 0 0.0
.bss 54209 54209 0 0.0
.data 1096 1096 0 0.0
.data.rel.ro 208968 208968 0 0.0
.dynamic 560 560 0 0.0
.got 56888 56888 0 0.0
.init 24 24 0 0.0
.init_array 168 168 0 0.0
.rodata 383108 383108 0 0.0
.text 5936084 5936084 0 0.0
thermostat-no-ble arm64 (read only) 2024348 2024348 0 0.0
(read/write) 144049 144049 0 0.0
.bss 64001 64001 0 0.0
.data 880 880 0 0.0
.data.rel.ro 72296 72296 0 0.0
.dynamic 560 560 0 0.0
.got 3936 3936 0 0.0
.init 24 24 0 0.0
.init_array 296 296 0 0.0
.rodata 128524 128524 0 0.0
.text 1683152 1683152 0 0.0
mbed all-clusters-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2346288 2346288 0 0.0
.bss 188548 188548 0 0.0
.data 5312 5312 0 0.0
.text 1308864 1308864 0 0.0
lighting-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2329208 2329208 0 0.0
.bss 180624 180624 0 0.0
.data 5552 5552 0 0.0
.text 1291808 1291808 0 0.0
lock-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2302368 2302368 0 0.0
.bss 179672 179672 0 0.0
.data 5544 5544 0 0.0
.text 1264968 1264968 0 0.0
pigweed-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 1139712 1139712 0 0.0
.bss 11756 11756 0 0.0
.data 4368 4368 0 0.0
.text 103096 103096 0 0.0
shell CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2053888 2053888 0 0.0
.bss 156972 156972 0 0.0
.data 4864 4864 0 0.0
.text 1016488 1016488 0 0.0
p6 all-clusters-app default (read/write) 2401288 2401288 0 0.0
.bss 116748 116748 0 0.0
.data 2592 2592 0 0.0
.text 1359552 1359552 0 0.0
light-app default (read/write) 2324568 2324568 0 0.0
.bss 105872 105872 0 0.0
.data 2384 2384 0 0.0
.text 1282832 1282832 0 0.0
lock-app default (read/write) 2296768 2296768 0 0.0
.bss 104752 104752 0 0.0
.data 2336 2336 0 0.0
.text 1255032 1255032 0 0.0
qpg lighting-app qpg6105+debug (read only) 531664 531664 0 0.0
(read/write) 146936 146936 0 0.0
.bss 86672 86672 0 0.0
.data 1004 1004 0 0.0
.text 526344 526344 0 0.0
lock-app qpg6105+debug (read only) 503444 503444 0 0.0
(read/write) 146940 146940 0 0.0
.bss 85808 85808 0 0.0
.data 952 952 0 0.0
.text 498124 498124 0 0.0
persistent-storage-app qpg6105+debug (read only) 106448 106448 0 0.0
(read/write) 146938 146938 0 0.0
.bss 36146 36146 0 0.0
.data 288 288 0 0.0
.text 101128 101128 0 0.0
telink lighting-app tlsr9518adk80d (read/write) 832242 832242 0 0.0
bss 86856 86856 0 0.0
noinit 37160 37160 0 0.0
text 580682 580682 0 0.0

@bzbarsky-apple
Copy link
Contributor

/rebase

woody-apple and others added 2 commits January 6, 2022 17:51
The ENFORCE_FORMAT annotations help make it clear to the compiler
which seemingly-nonliteral values are actually checked to be literals
further up the callstack, because we disallow passing a non-literal as
the format arg indicated by ENFORCE_FORMAT.
@github-actions
Copy link

github-actions bot commented Jan 6, 2022

PR #12763: Size comparison from 89b87f1 to 92081f8

Full report (26 builds for efr32, esp32, k32w, linux, nrfconnect, p6, qpg, telink)
platform target config section 89b87f1 92081f8 change % change
efr32 lighting-app BRD4161A (read only) 829396 829396 0 0.0
(read/write) 127068 127068 0 0.0
.bss 125192 125192 0 0.0
.data 1876 1876 0 0.0
.text 829388 829388 0 0.0
BRD4161A+rpc (read only) 816576 816576 0 0.0
(read/write) 143736 143736 0 0.0
.bss 141760 141760 0 0.0
.data 1976 1976 0 0.0
.text 816568 816568 0 0.0
window-app BRD4161A (read only) 802844 802844 0 0.0
(read/write) 126008 126008 0 0.0
.bss 124176 124176 0 0.0
.data 1832 1832 0 0.0
.text 802836 802836 0 0.0
esp32 all-clusters-app c3devkit (read only) 889178 889178 0 0.0
(read/write) 1313770 1313770 0 0.0
.dram0.bss 69288 69288 0 0.0
.dram0.data 14236 14236 0 0.0
.flash.rodata 177184 177184 0 0.0
.flash.text 889178 889178 0 0.0
.iram0.text 62254 62254 0 0.0
m5stack (read only) 949083 949083 0 0.0
(read/write) 445352 445352 0 0.0
.dram0.bss 73776 73776 0 0.0
.dram0.data 34064 34064 0 0.0
.flash.rodata 206504 206504 0 0.0
.flash.text 943699 943699 0 0.0
.iram0.text 122671 122671 0 0.0
k32w light k32w061+release (read/write) 648472 648472 0 0.0
.bss 76216 76216 0 0.0
.data 1904 1904 0 0.0
.text 564552 564552 0 0.0
lock k32w061+release (read/write) 633296 633296 0 0.0
.bss 75928 75928 0 0.0
.data 1860 1860 0 0.0
.text 549708 549708 0 0.0
linux chip-tool-ipv6only arm64 (read only) 7011468 7011468 0 0.0
(read/write) 324849 324849 0 0.0
.bss 54209 54209 0 0.0
.data 1096 1096 0 0.0
.data.rel.ro 208968 208968 0 0.0
.dynamic 560 560 0 0.0
.got 56888 56888 0 0.0
.init 24 24 0 0.0
.init_array 168 168 0 0.0
.rodata 383108 383108 0 0.0
.text 5936084 5936084 0 0.0
thermostat-no-ble arm64 (read only) 2024348 2024348 0 0.0
(read/write) 144049 144049 0 0.0
.bss 64001 64001 0 0.0
.data 880 880 0 0.0
.data.rel.ro 72296 72296 0 0.0
.dynamic 560 560 0 0.0
.got 3936 3936 0 0.0
.init 24 24 0 0.0
.init_array 296 296 0 0.0
.rodata 128524 128524 0 0.0
.text 1683152 1683152 0 0.0
nrfconnect lighting-app nrf52840dk_nrf52840 (read/write) 935763 935763 0 0.0
bss 118188 118188 0 0.0
rodata 108048 108048 0 0.0
text 631948 631948 0 0.0
nrf52840dk_nrf52840+rpc (read/write) 921187 921187 0 0.0
bss 115232 115232 0 0.0
rodata 100488 100488 0 0.0
text 627300 627300 0 0.0
nrf5340dk_nrf5340_cpuapp (read/write) 846706 846706 0 0.0
bss 116080 116080 0 0.0
rodata 101220 101220 0 0.0
text 548888 548888 0 0.0
lock-app nrf52840dk_nrf52840 (read/write) 907875 907875 0 0.0
bss 117376 117376 0 0.0
rodata 103320 103320 0 0.0
text 609820 609820 0 0.0
nrf5340dk_nrf5340_cpuapp (read/write) 819046 819046 0 0.0
bss 115296 115296 0 0.0
rodata 96544 96544 0 0.0
text 526796 526796 0 0.0
pigweed-app nrf52840dk_nrf52840 (read/write) 541835 541835 0 0.0
bss 52588 52588 0 0.0
rodata 50104 50104 0 0.0
text 376940 376940 0 0.0
pump-app nrf52840dk_nrf52840 (read/write) 909151 909151 0 0.0
bss 117136 117136 0 0.0
rodata 103532 103532 0 0.0
text 611032 611032 0 0.0
pump-controller-app nrf52840dk_nrf52840 (read/write) 905987 905987 0 0.0
bss 117164 117164 0 0.0
rodata 102792 102792 0 0.0
text 608568 608568 0 0.0
shell nrf52840dk_nrf52840 (read/write) 796843 796843 0 0.0
bss 109536 109536 0 0.0
rodata 78188 78188 0 0.0
text 532664 532664 0 0.0
nrf5340dk_nrf5340_cpuapp (read/write) 709670 709670 0 0.0
bss 107424 107424 0 0.0
rodata 72492 72492 0 0.0
text 450340 450340 0 0.0
p6 all-clusters-app default (read/write) 2401288 2401288 0 0.0
.bss 116748 116748 0 0.0
.data 2592 2592 0 0.0
.text 1359552 1359552 0 0.0
light-app default (read/write) 2324568 2324568 0 0.0
.bss 105872 105872 0 0.0
.data 2384 2384 0 0.0
.text 1282832 1282832 0 0.0
lock-app default (read/write) 2296768 2296768 0 0.0
.bss 104752 104752 0 0.0
.data 2336 2336 0 0.0
.text 1255032 1255032 0 0.0
qpg lighting-app qpg6105+debug (read only) 531664 531664 0 0.0
(read/write) 146936 146936 0 0.0
.bss 86672 86672 0 0.0
.data 1004 1004 0 0.0
.text 526344 526344 0 0.0
lock-app qpg6105+debug (read only) 503444 503444 0 0.0
(read/write) 146940 146940 0 0.0
.bss 85808 85808 0 0.0
.data 952 952 0 0.0
.text 498124 498124 0 0.0
persistent-storage-app qpg6105+debug (read only) 106448 106448 0 0.0
(read/write) 146938 146938 0 0.0
.bss 36146 36146 0 0.0
.data 288 288 0 0.0
.text 101128 101128 0 0.0
telink lighting-app tlsr9518adk80d (read/write) 832242 832242 0 0.0
bss 86856 86856 0 0.0
noinit 37160 37160 0 0.0
text 580682 580682 0 0.0

@bzbarsky-apple bzbarsky-apple merged commit 0e14979 into project-chip:master Jan 6, 2022
lmpprk added a commit to lmpprk/connectedhomeip that referenced this pull request Jan 16, 2022
lmpprk added a commit to lmpprk/connectedhomeip that referenced this pull request Jan 16, 2022
andy31415 pushed a commit that referenced this pull request Jan 17, 2022
selissia pushed a commit to selissia/connectedhomeip that referenced this pull request Jan 28, 2022
step0035 pushed a commit to hank820/connectedhomeip that referenced this pull request Feb 8, 2022
* Turn on -Wformat-security and -Wformat-nonliteral.

The ENFORCE_FORMAT annotations help make it clear to the compiler
which seemingly-nonliteral values are actually checked to be literals
further up the callstack, because we disallow passing a non-literal as
the format arg indicated by ENFORCE_FORMAT.

* Address review comments

Co-authored-by: Boris Zbarsky <[email protected]>
step0035 pushed a commit to hank820/connectedhomeip that referenced this pull request Feb 8, 2022
@woody-apple woody-apple deleted the Wformat-nonliteral branch July 6, 2022 01:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants