FP: cpp:FunctionEllipsis on methods with __attribute__((format(printf

Hello,

in https://sonarcloud.io/project/issues?id=remote-simgrid&issues=AWt8QetptUB48Z09kzar&open=AWt8QetptUB48Z09kzar
we have the following:

    explicit Error(char const* fmt, ...) __attribute__((format(printf,2,3)))

This raises cpp:FunctionEllipsis which states: “Passing arguments via an ellipsis bypasses the type checking performed by the compiler”. This is obviously true without that attribute, but arguably not so much with the attribute. Don’t you think that the rule should evolve here? I’d say that you can speak of “format” attribute in the text of the rule, and an exception in its application.

Thanks,
Mt

Hello @mquinson

While we agree that using this attribute makes the use of ellipsis less dangerous, we still believe it is useful to report such usage of ellipses:

  • This attribute is non standard, and it’s behavior varies from one compiler to the other,
  • This attribute will not do anything unless the right warning is also enabled on the call site,
  • Nothing will be reported if the format string is not a string literal, while this can still lead to bad usage,
  • There are better solutions that do not suffer from this issue.

By the way, did you notice that in your sample code, the values set for the attribute are wrong? It should be __attribute__((format(printf,1,2)))

Regards,

1 Like