Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/tools/go/analysis: warn on Printf(fmt) #37935

Open
neild opened this issue Mar 18, 2020 · 2 comments
Open

x/tools/go/analysis: warn on Printf(fmt) #37935

neild opened this issue Mar 18, 2020 · 2 comments
Labels
Analysis Issues related to static analysis (vet, x/tools/go/analysis) NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. Tools This label describes issues relating to any tools in the x/tools repository.
Milestone
Unreleased

Comments

@neild
Copy link
Contributor

neild commented Mar 18, 2020

Consider the code:

msg := fmt.Sprintf("could not adumbrate %v: %v", subject, err)
log.Printf(msg)
return msg

The log.Printf call will interpret msg as a format string, causing unexpected results if msg contains formatting characters.

We could warn on a call to a formatting function with a single non-constant parameter. These calls can always be safely converted to the equivalent non-formatting function.

msg := "some string"
fmt.Printf(msg) // warning: printf with non-constant format string and no format parameters

x := "parameter"
fmt.Printf(msg, x) // no warning: we can't validate that msg is a valid format, but this could be correct

var a []interface{}
fmt.Printf(msg, a...) // no warning: again, we can't validate that msg is a valid format, but this could be correct
@gopherbot gopherbot added this to the Unreleased milestone Mar 18, 2020
@gopherbot gopherbot added the Tools This label describes issues relating to any tools in the x/tools repository. label Mar 18, 2020
@cagedmantis cagedmantis added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Mar 18, 2020
@cagedmantis
Copy link
Contributor

/cc @ianthehat @matloob

@matloob
Copy link
Contributor

matloob commented Mar 20, 2020

I wouldn't mind accepting a contribution that adds this check, especially because it seems pretty simple to add.

@adonovan adonovan added the Analysis Issues related to static analysis (vet, x/tools/go/analysis) label Apr 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Analysis Issues related to static analysis (vet, x/tools/go/analysis) NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. Tools This label describes issues relating to any tools in the x/tools repository.
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
5 participants
@neild @cagedmantis @adonovan @gopherbot @matloob