Detect sprintf and fprintf bad use

albertogarcia · February 22, 2010, 7:39am

Hello again,

I don't know about regexp so I throw this question here:

How can I detect files where, for example:

sprintf (var1, "hello %s %s", sub1);

The problem here is that we have 2 %s and only a variable.

Or... the inverse:

sprintf (var1, "hello %s %s", sub1, sub2, sub3,...subn);

And...the sentences can be in more than one line:

sprintf (var1, 
"hello %s %s", 
sub1);

I know that this is not inmediate, I'll try a solution this afternoon, but if somebody can tell me a clue where I can start....

Thank you very much

jim_mcnamara · February 22, 2010, 9:01am

Do you have the gcc compiler for your platform?

gcc -Wall mycode.c -o mycode

will list any line and flag as a warning if there is a datatype mismatch between
the format string and the arguments to any of the printf() function family.

albertogarcia · February 22, 2010, 11:49am

Thank you,

yes I have cc instead of gcc but I have a lot of code (thousand of files) and we have changed the micro-processor so the compiler version too and now there is warnings that create problems in the execution.
I would like to obtain the problematic files without compile...