Re: Class name as NSString and problem with NSLog?
Re: Class name as NSString and problem with NSLog?
- Subject: Re: Class name as NSString and problem with NSLog?
- From: Greg Parker <email@hidden>
- Date: Thu, 06 Mar 2014 15:47:08 -0800
On Mar 6, 2014, at 3:37 PM, Sean McBride <email@hidden> wrote:
> On Thu, 6 Mar 2014 15:15:49 -0800, Jens Alfke said:
>> I remember the “Month Of Apple Bugs”** that a hacker group ran in 2007,
>> where they published a new app or OS security vulnerability every day
>> for month. A lot of them were caused by format-string vulnerabilities.
>> Soon thereafter the compiler team at Apple added that format-string
>> security warning :)
>
> Though it still doesn't work for NSPredicate APIs:, all these years later, ex:
>
> -----------------------
> #import <Foundation/Foundation.h>
>
> int main (void)
> {
> NSPredicate* predicate = [NSPredicate predicateWithFormat:@"foo == %d"];
>
> return !!predicate;
> }
> -----------------------
>
> "clang -Weverything -fsyntax-only ~/test.m" gives nothing!
>
> <rdar://10699748> Dupes welcome. :)
The problem is that +predicateWithFormat: accepts conversions that are not part of NSString's format string syntax. Adding format string warnings for new format string syntaxes requires compiler changes.
--
Greg Parker email@hidden Runtime Wrangler
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden