1 // Copyright 2010 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // This file contains the printf-checker. 6 7 package main 8 9 import ( 10 "bytes" 11 "flag" 12 "go/ast" 13 "go/constant" 14 "go/token" 15 "go/types" 16 "strconv" 17 "strings" 18 "unicode/utf8" 19 ) 20 21 var printfuncs = flag.String("printfuncs", "", "comma-separated list of print function names to check") 22 23 func init() { 24 register("printf", 25 "check printf-like invocations", 26 checkFmtPrintfCall, 27 funcDecl, callExpr) 28 } 29 30 func initPrintFlags() { 31 if *printfuncs == "" { 32 return 33 } 34 for _, name := range strings.Split(*printfuncs, ",") { 35 if len(name) == 0 { 36 flag.Usage() 37 } 38 skip := 0 39 if colon := strings.LastIndex(name, ":"); colon > 0 { 40 var err error 41 skip, err = strconv.Atoi(name[colon+1:]) 42 if err != nil { 43 errorf(`illegal format for "Func:N" argument %q; %s`, name, err) 44 } 45 name = name[:colon] 46 } 47 name = strings.ToLower(name) 48 if name[len(name)-1] == 'f' { 49 printfList[name] = skip 50 } else { 51 printList[name] = skip 52 } 53 } 54 } 55 56 // printfList records the formatted-print functions. The value is the location 57 // of the format parameter. Names are lower-cased so the lookup is 58 // case insensitive. 59 var printfList = map[string]int{ 60 "errorf": 0, 61 "fatalf": 0, 62 "fprintf": 1, 63 "logf": 0, 64 "panicf": 0, 65 "printf": 0, 66 "sprintf": 0, 67 } 68 69 // printList records the unformatted-print functions. The value is the location 70 // of the first parameter to be printed. Names are lower-cased so the lookup is 71 // case insensitive. 72 var printList = map[string]int{ 73 "error": 0, 74 "fatal": 0, 75 "fprint": 1, "fprintln": 1, 76 "log": 0, 77 "panic": 0, "panicln": 0, 78 "print": 0, "println": 0, 79 "sprint": 0, "sprintln": 0, 80 } 81 82 // checkCall triggers the print-specific checks if the call invokes a print function. 83 func checkFmtPrintfCall(f *File, node ast.Node) { 84 if d, ok := node.(*ast.FuncDecl); ok && isStringer(f, d) { 85 // Remember we saw this. 86 if f.stringers == nil { 87 f.stringers = make(map[*ast.Object]bool) 88 } 89 if l := d.Recv.List; len(l) == 1 { 90 if n := l[0].Names; len(n) == 1 { 91 f.stringers[n[0].Obj] = true 92 } 93 } 94 return 95 } 96 97 call, ok := node.(*ast.CallExpr) 98 if !ok { 99 return 100 } 101 var Name string 102 switch x := call.Fun.(type) { 103 case *ast.Ident: 104 Name = x.Name 105 case *ast.SelectorExpr: 106 Name = x.Sel.Name 107 default: 108 return 109 } 110 111 name := strings.ToLower(Name) 112 if skip, ok := printfList[name]; ok { 113 f.checkPrintf(call, Name, skip) 114 return 115 } 116 if skip, ok := printList[name]; ok { 117 f.checkPrint(call, Name, skip) 118 return 119 } 120 } 121 122 // isStringer returns true if the provided declaration is a "String() string" 123 // method, an implementation of fmt.Stringer. 124 func isStringer(f *File, d *ast.FuncDecl) bool { 125 return d.Recv != nil && d.Name.Name == "String" && d.Type.Results != nil && 126 len(d.Type.Params.List) == 0 && len(d.Type.Results.List) == 1 && 127 f.pkg.types[d.Type.Results.List[0].Type].Type == types.Typ[types.String] 128 } 129 130 // formatState holds the parsed representation of a printf directive such as "%3.*[4]d". 131 // It is constructed by parsePrintfVerb. 132 type formatState struct { 133 verb rune // the format verb: 'd' for "%d" 134 format string // the full format directive from % through verb, "%.3d". 135 name string // Printf, Sprintf etc. 136 flags []byte // the list of # + etc. 137 argNums []int // the successive argument numbers that are consumed, adjusted to refer to actual arg in call 138 indexed bool // whether an indexing expression appears: %[1]d. 139 firstArg int // Index of first argument after the format in the Printf call. 140 // Used only during parse. 141 file *File 142 call *ast.CallExpr 143 argNum int // Which argument we're expecting to format now. 144 indexPending bool // Whether we have an indexed argument that has not resolved. 145 nbytes int // number of bytes of the format string consumed. 146 } 147 148 // checkPrintf checks a call to a formatted print routine such as Printf. 149 // call.Args[formatIndex] is (well, should be) the format argument. 150 func (f *File) checkPrintf(call *ast.CallExpr, name string, formatIndex int) { 151 if formatIndex >= len(call.Args) { 152 f.Bad(call.Pos(), "too few arguments in call to", name) 153 return 154 } 155 lit := f.pkg.types[call.Args[formatIndex]].Value 156 if lit == nil { 157 if *verbose { 158 f.Warn(call.Pos(), "can't check non-constant format in call to", name) 159 } 160 return 161 } 162 if lit.Kind() != constant.String { 163 f.Badf(call.Pos(), "constant %v not a string in call to %s", lit, name) 164 return 165 } 166 format := constant.StringVal(lit) 167 firstArg := formatIndex + 1 // Arguments are immediately after format string. 168 if !strings.Contains(format, "%") { 169 if len(call.Args) > firstArg { 170 f.Badf(call.Pos(), "no formatting directive in %s call", name) 171 } 172 return 173 } 174 // Hard part: check formats against args. 175 argNum := firstArg 176 indexed := false 177 for i, w := 0, 0; i < len(format); i += w { 178 w = 1 179 if format[i] == '%' { 180 state := f.parsePrintfVerb(call, name, format[i:], firstArg, argNum) 181 if state == nil { 182 return 183 } 184 w = len(state.format) 185 if state.indexed { 186 indexed = true 187 } 188 if !f.okPrintfArg(call, state) { // One error per format is enough. 189 return 190 } 191 if len(state.argNums) > 0 { 192 // Continue with the next sequential argument. 193 argNum = state.argNums[len(state.argNums)-1] + 1 194 } 195 } 196 } 197 // Dotdotdot is hard. 198 if call.Ellipsis.IsValid() && argNum >= len(call.Args)-1 { 199 return 200 } 201 // If the arguments were direct indexed, we assume the programmer knows what's up. 202 // Otherwise, there should be no leftover arguments. 203 if !indexed && argNum != len(call.Args) { 204 expect := argNum - firstArg 205 numArgs := len(call.Args) - firstArg 206 f.Badf(call.Pos(), "wrong number of args for format in %s call: %d needed but %d args", name, expect, numArgs) 207 } 208 } 209 210 // parseFlags accepts any printf flags. 211 func (s *formatState) parseFlags() { 212 for s.nbytes < len(s.format) { 213 switch c := s.format[s.nbytes]; c { 214 case '#', '0', '+', '-', ' ': 215 s.flags = append(s.flags, c) 216 s.nbytes++ 217 default: 218 return 219 } 220 } 221 } 222 223 // scanNum advances through a decimal number if present. 224 func (s *formatState) scanNum() { 225 for ; s.nbytes < len(s.format); s.nbytes++ { 226 c := s.format[s.nbytes] 227 if c < '0' || '9' < c { 228 return 229 } 230 } 231 } 232 233 // parseIndex scans an index expression. It returns false if there is a syntax error. 234 func (s *formatState) parseIndex() bool { 235 if s.nbytes == len(s.format) || s.format[s.nbytes] != '[' { 236 return true 237 } 238 // Argument index present. 239 s.indexed = true 240 s.nbytes++ // skip '[' 241 start := s.nbytes 242 s.scanNum() 243 if s.nbytes == len(s.format) || s.nbytes == start || s.format[s.nbytes] != ']' { 244 s.file.Badf(s.call.Pos(), "illegal syntax for printf argument index") 245 return false 246 } 247 arg32, err := strconv.ParseInt(s.format[start:s.nbytes], 10, 32) 248 if err != nil { 249 s.file.Badf(s.call.Pos(), "illegal syntax for printf argument index: %s", err) 250 return false 251 } 252 s.nbytes++ // skip ']' 253 arg := int(arg32) 254 arg += s.firstArg - 1 // We want to zero-index the actual arguments. 255 s.argNum = arg 256 s.indexPending = true 257 return true 258 } 259 260 // parseNum scans a width or precision (or *). It returns false if there's a bad index expression. 261 func (s *formatState) parseNum() bool { 262 if s.nbytes < len(s.format) && s.format[s.nbytes] == '*' { 263 if s.indexPending { // Absorb it. 264 s.indexPending = false 265 } 266 s.nbytes++ 267 s.argNums = append(s.argNums, s.argNum) 268 s.argNum++ 269 } else { 270 s.scanNum() 271 } 272 return true 273 } 274 275 // parsePrecision scans for a precision. It returns false if there's a bad index expression. 276 func (s *formatState) parsePrecision() bool { 277 // If there's a period, there may be a precision. 278 if s.nbytes < len(s.format) && s.format[s.nbytes] == '.' { 279 s.flags = append(s.flags, '.') // Treat precision as a flag. 280 s.nbytes++ 281 if !s.parseIndex() { 282 return false 283 } 284 if !s.parseNum() { 285 return false 286 } 287 } 288 return true 289 } 290 291 // parsePrintfVerb looks the formatting directive that begins the format string 292 // and returns a formatState that encodes what the directive wants, without looking 293 // at the actual arguments present in the call. The result is nil if there is an error. 294 func (f *File) parsePrintfVerb(call *ast.CallExpr, name, format string, firstArg, argNum int) *formatState { 295 state := &formatState{ 296 format: format, 297 name: name, 298 flags: make([]byte, 0, 5), 299 argNum: argNum, 300 argNums: make([]int, 0, 1), 301 nbytes: 1, // There's guaranteed to be a percent sign. 302 indexed: false, 303 firstArg: firstArg, 304 file: f, 305 call: call, 306 } 307 // There may be flags. 308 state.parseFlags() 309 indexPending := false 310 // There may be an index. 311 if !state.parseIndex() { 312 return nil 313 } 314 // There may be a width. 315 if !state.parseNum() { 316 return nil 317 } 318 // There may be a precision. 319 if !state.parsePrecision() { 320 return nil 321 } 322 // Now a verb, possibly prefixed by an index (which we may already have). 323 if !indexPending && !state.parseIndex() { 324 return nil 325 } 326 if state.nbytes == len(state.format) { 327 f.Badf(call.Pos(), "missing verb at end of format string in %s call", name) 328 return nil 329 } 330 verb, w := utf8.DecodeRuneInString(state.format[state.nbytes:]) 331 state.verb = verb 332 state.nbytes += w 333 if verb != '%' { 334 state.argNums = append(state.argNums, state.argNum) 335 } 336 state.format = state.format[:state.nbytes] 337 return state 338 } 339 340 // printfArgType encodes the types of expressions a printf verb accepts. It is a bitmask. 341 type printfArgType int 342 343 const ( 344 argBool printfArgType = 1 << iota 345 argInt 346 argRune 347 argString 348 argFloat 349 argComplex 350 argPointer 351 anyType printfArgType = ^0 352 ) 353 354 type printVerb struct { 355 verb rune // User may provide verb through Formatter; could be a rune. 356 flags string // known flags are all ASCII 357 typ printfArgType 358 } 359 360 // Common flag sets for printf verbs. 361 const ( 362 noFlag = "" 363 numFlag = " -+.0" 364 sharpNumFlag = " -+.0#" 365 allFlags = " -+.0#" 366 ) 367 368 // printVerbs identifies which flags are known to printf for each verb. 369 // TODO: A type that implements Formatter may do what it wants, and vet 370 // will complain incorrectly. 371 var printVerbs = []printVerb{ 372 // '-' is a width modifier, always valid. 373 // '.' is a precision for float, max width for strings. 374 // '+' is required sign for numbers, Go format for %v. 375 // '#' is alternate format for several verbs. 376 // ' ' is spacer for numbers 377 {'%', noFlag, 0}, 378 {'b', numFlag, argInt | argFloat | argComplex}, 379 {'c', "-", argRune | argInt}, 380 {'d', numFlag, argInt}, 381 {'e', numFlag, argFloat | argComplex}, 382 {'E', numFlag, argFloat | argComplex}, 383 {'f', numFlag, argFloat | argComplex}, 384 {'F', numFlag, argFloat | argComplex}, 385 {'g', numFlag, argFloat | argComplex}, 386 {'G', numFlag, argFloat | argComplex}, 387 {'o', sharpNumFlag, argInt}, 388 {'p', "-#", argPointer}, 389 {'q', " -+.0#", argRune | argInt | argString}, 390 {'s', " -+.0", argString}, 391 {'t', "-", argBool}, 392 {'T', "-", anyType}, 393 {'U', "-#", argRune | argInt}, 394 {'v', allFlags, anyType}, 395 {'x', sharpNumFlag, argRune | argInt | argString}, 396 {'X', sharpNumFlag, argRune | argInt | argString}, 397 } 398 399 // okPrintfArg compares the formatState to the arguments actually present, 400 // reporting any discrepancies it can discern. If the final argument is ellipsissed, 401 // there's little it can do for that. 402 func (f *File) okPrintfArg(call *ast.CallExpr, state *formatState) (ok bool) { 403 var v printVerb 404 found := false 405 // Linear scan is fast enough for a small list. 406 for _, v = range printVerbs { 407 if v.verb == state.verb { 408 found = true 409 break 410 } 411 } 412 if !found { 413 f.Badf(call.Pos(), "unrecognized printf verb %q", state.verb) 414 return false 415 } 416 for _, flag := range state.flags { 417 if !strings.ContainsRune(v.flags, rune(flag)) { 418 f.Badf(call.Pos(), "unrecognized printf flag for verb %q: %q", state.verb, flag) 419 return false 420 } 421 } 422 // Verb is good. If len(state.argNums)>trueArgs, we have something like %.*s and all 423 // but the final arg must be an integer. 424 trueArgs := 1 425 if state.verb == '%' { 426 trueArgs = 0 427 } 428 nargs := len(state.argNums) 429 for i := 0; i < nargs-trueArgs; i++ { 430 argNum := state.argNums[i] 431 if !f.argCanBeChecked(call, i, true, state) { 432 return 433 } 434 arg := call.Args[argNum] 435 if !f.matchArgType(argInt, nil, arg) { 436 f.Badf(call.Pos(), "arg %s for * in printf format not of type int", f.gofmt(arg)) 437 return false 438 } 439 } 440 if state.verb == '%' { 441 return true 442 } 443 argNum := state.argNums[len(state.argNums)-1] 444 if !f.argCanBeChecked(call, len(state.argNums)-1, false, state) { 445 return false 446 } 447 arg := call.Args[argNum] 448 if !f.matchArgType(v.typ, nil, arg) { 449 typeString := "" 450 if typ := f.pkg.types[arg].Type; typ != nil { 451 typeString = typ.String() 452 } 453 f.Badf(call.Pos(), "arg %s for printf verb %%%c of wrong type: %s", f.gofmt(arg), state.verb, typeString) 454 return false 455 } 456 if v.typ&argString != 0 && v.verb != 'T' && !bytes.Contains(state.flags, []byte{'#'}) && f.recursiveStringer(arg) { 457 f.Badf(call.Pos(), "arg %s for printf causes recursive call to String method", f.gofmt(arg)) 458 return false 459 } 460 return true 461 } 462 463 // recursiveStringer reports whether the provided argument is r or &r for the 464 // fmt.Stringer receiver identifier r. 465 func (f *File) recursiveStringer(e ast.Expr) bool { 466 if len(f.stringers) == 0 { 467 return false 468 } 469 var obj *ast.Object 470 switch e := e.(type) { 471 case *ast.Ident: 472 obj = e.Obj 473 case *ast.UnaryExpr: 474 if id, ok := e.X.(*ast.Ident); ok && e.Op == token.AND { 475 obj = id.Obj 476 } 477 } 478 479 // It's unlikely to be a recursive stringer if it has a Format method. 480 if typ := f.pkg.types[e].Type; typ != nil { 481 // Not a perfect match; see issue 6259. 482 if f.hasMethod(typ, "Format") { 483 return false 484 } 485 } 486 487 // We compare the underlying Object, which checks that the identifier 488 // is the one we declared as the receiver for the String method in 489 // which this printf appears. 490 return f.stringers[obj] 491 } 492 493 // argCanBeChecked reports whether the specified argument is statically present; 494 // it may be beyond the list of arguments or in a terminal slice... argument, which 495 // means we can't see it. 496 func (f *File) argCanBeChecked(call *ast.CallExpr, formatArg int, isStar bool, state *formatState) bool { 497 argNum := state.argNums[formatArg] 498 if argNum < 0 { 499 // Shouldn't happen, so catch it with prejudice. 500 panic("negative arg num") 501 } 502 if argNum == 0 { 503 f.Badf(call.Pos(), `index value [0] for %s("%s"); indexes start at 1`, state.name, state.format) 504 return false 505 } 506 if argNum < len(call.Args)-1 { 507 return true // Always OK. 508 } 509 if call.Ellipsis.IsValid() { 510 return false // We just can't tell; there could be many more arguments. 511 } 512 if argNum < len(call.Args) { 513 return true 514 } 515 // There are bad indexes in the format or there are fewer arguments than the format needs. 516 // This is the argument number relative to the format: Printf("%s", "hi") will give 1 for the "hi". 517 arg := argNum - state.firstArg + 1 // People think of arguments as 1-indexed. 518 f.Badf(call.Pos(), `missing argument for %s("%s"): format reads arg %d, have only %d args`, state.name, state.format, arg, len(call.Args)-state.firstArg) 519 return false 520 } 521 522 // checkPrint checks a call to an unformatted print routine such as Println. 523 // call.Args[firstArg] is the first argument to be printed. 524 func (f *File) checkPrint(call *ast.CallExpr, name string, firstArg int) { 525 isLn := strings.HasSuffix(name, "ln") 526 isF := strings.HasPrefix(name, "F") 527 args := call.Args 528 if name == "Log" && len(args) > 0 { 529 // Special case: Don't complain about math.Log or cmplx.Log. 530 // Not strictly necessary because the only complaint likely is for Log("%d") 531 // but it feels wrong to check that math.Log is a good print function. 532 if sel, ok := args[0].(*ast.SelectorExpr); ok { 533 if x, ok := sel.X.(*ast.Ident); ok { 534 if x.Name == "math" || x.Name == "cmplx" { 535 return 536 } 537 } 538 } 539 } 540 // check for Println(os.Stderr, ...) 541 if firstArg == 0 && !isF && len(args) > 0 { 542 if sel, ok := args[0].(*ast.SelectorExpr); ok { 543 if x, ok := sel.X.(*ast.Ident); ok { 544 if x.Name == "os" && strings.HasPrefix(sel.Sel.Name, "Std") { 545 f.Badf(call.Pos(), "first argument to %s is %s.%s", name, x.Name, sel.Sel.Name) 546 } 547 } 548 } 549 } 550 if len(args) <= firstArg { 551 // If we have a call to a method called Error that satisfies the Error interface, 552 // then it's ok. Otherwise it's something like (*T).Error from the testing package 553 // and we need to check it. 554 if name == "Error" && f.isErrorMethodCall(call) { 555 return 556 } 557 // If it's an Error call now, it's probably for printing errors. 558 if !isLn { 559 // Check the signature to be sure: there are niladic functions called "error". 560 if firstArg != 0 || f.numArgsInSignature(call) != firstArg { 561 f.Badf(call.Pos(), "no args in %s call", name) 562 } 563 } 564 return 565 } 566 arg := args[firstArg] 567 if lit, ok := arg.(*ast.BasicLit); ok && lit.Kind == token.STRING { 568 if strings.Contains(lit.Value, "%") { 569 f.Badf(call.Pos(), "possible formatting directive in %s call", name) 570 } 571 } 572 if isLn { 573 // The last item, if a string, should not have a newline. 574 arg = args[len(call.Args)-1] 575 if lit, ok := arg.(*ast.BasicLit); ok && lit.Kind == token.STRING { 576 if strings.HasSuffix(lit.Value, `\n"`) { 577 f.Badf(call.Pos(), "%s call ends with newline", name) 578 } 579 } 580 } 581 for _, arg := range args { 582 if f.recursiveStringer(arg) { 583 f.Badf(call.Pos(), "arg %s for print causes recursive call to String method", f.gofmt(arg)) 584 } 585 } 586 } 587
