Examples of errors detected by the V510 diagnostic
V510. The 'Foo' function receives class-type variable as Nth actual argument. This is unexpected behavior.
C++ Embedded Web Server
V510 The 'printf' function is not expected to receive class-type variable as second actual argument. Examples SQLiteDatabase.cpp 39
wstring myDBFName;
....
void CSQLiteDatabase::Open()
{
int rc = sqlite3_open16(myDBFName.c_str(), &db);
if( rc ) {
printf("Cannot open database %s",myDBFName);
exit(1);
}
}
1) wprintf should be used. 2) .c_str() is missing.
SMTP Client
V510 The 'sprintf' function is not expected to receive class-type variable as third actual argument. CSmtp csmtp.cpp 809
bool CSmtp::ConnectRemoteServer(....)
{
....
std::string encoded_login =
base64_encode(ustrLogin, strlen(SendBuf));
....
sprintf(SendBuf, "AUTH PLAIN %s",
encoded_login);
....
}
This is what should have been written here: sprintf(SendBuf, "AUTH PLAIN %s", encoded_login.c_str());
TortoiseSVN
V510 The 'printf_s' function is not expected to receive class-type variable as fourth actual argument. excprpt.cpp 199
string CExceptionReport::getCrashLog()
{
....
_tprintf_s(buf, _T("%s\\%s.xml"),
getenv("TEMP"), CUtility::getAppName());
....
}
The V510 message warns you that it's a bad idea to pass a parameter of the std::string type into the printf_s function. And it is std::string that the CUtility::getAppName() function returns. The error is this: the programmer forgot to write ".c_str()". It may result both in incorrect data output and program crash.
WinMerge
V510 The 'Format' function is not expected to receive class-type variable as 'N' actual argument. stdafx.xpp 110
String GetSysError(int nerr);
....
CString msg;
msg.Format(
_T("Failed to open registry key HKCU/%s:\n\t%d : %s"),
f_RegDir, retVal, GetSysError(retVal));
Everything looks fine at the first sight. But the "String" type is nothing but "std::wstring". Therefore, we will get some gibberish printed at best and an Access Violation error at worst. An object of the "std::wstring" type is placed instead of the string pointer into the stack. The correct code should contain a call of c_str():
Quake-III-Arena
V510 The 'ScriptError' function is not expected to receive class-type variable as third actual argument. botlib l_script.c 992
typedef struct punctuation_s
{
char *p;
int n;
struct punctuation_s *next;
} punctuation_t;
punctuation_t *punctuations;
int PS_ExpectTokenType(
script_t *script, int type, int subtype, token_t *token)
{
....
ScriptError(script, "expected %s, found %s",
script->punctuations[subtype], token->string);
....
}
Similar errors can be found in some other places:
- V510 The 'Com_Printf' function is not expected to receive class-type variable as third actual argument. quake3 win_input.c 1134
WinMerge
V510 The 'Write' function is not expected to receive class-type variable as sixth actual argument. Merge dirscan.cpp 565
static void StoreDiffData(DIFFITEM &di, CDiffContext * pCtxt,
const FolderCmp * pCmpData)
{
....
GetLog()->Write
(
CLogFile::LCOMPAREDATA,
_T("name=<%s>, leftdir=<%s>, rightdir=<%s>, code=%d"),
di.left.filename.c_str(),
di.left.path.c_str(),
di.right.path.c_str(),
di.diffcode
);
pCtxt->m_pCompareStats->AddItem(di.diffcode.diffcode);
....
}
'di.diffcode' is class object. Most likely this is what should be written here: di.diffcode.diffcode.
WinMerge
V510 The 'Write' function is not expected to receive class-type variable as second actual argument. Merge logfile.cpp 85
std::wstring m_strLogPath;
void CLogFile::EnableLogging(BOOL bEnable)
{
....
Write(_T("Path: %s\n*******\n"), m_strLogPath);
....
}
This is what should have been written here: m_strLogPath.c_str()
TortoiseSVN
V510 The 'operator()' function is not expected to receive class-type variable as second actual argument. svnfolderstatus.cpp 150
class CTSVNPath
{
....
private:
mutable CString m_sBackslashPath;
mutable CString m_sLongBackslashPath;
mutable CString m_sFwdslashPath;
....
};
const FileStatusCacheEntry * SVNFolderStatus::BuildCache(
const CTSVNPath& filepath, ....)
{
....
CTraceToOutputDebugString::Instance() (_T(__FUNCTION__)
_T(": building cache for %s\n"), filepath);
....
}
Similar errors can be found in some other places:
- V510 The 'operator()' function is not expected to receive class-type variable as second actual argument. svnfolderstatus.cpp 355
- V510 The 'operator()' function is not expected to receive class-type variable as second actual argument. svnfolderstatus.cpp 360
Wild Magic 5
V510 The 'Assert' function is not expected to receive class-type variable as fifth actual argument. wm5terrain.cpp 150
void Terrain::LoadHeader (const std::string& heightName)
{
....
std::string fileName = heightName + ".wmhf";
FileIO header(fileName, mMode);
assertion(header, "Cannot open file %s\n", fileName);
....
}
Similar errors can be found in some other places:
- V510 The 'Assert' function is not expected to receive class-type variable as fifth actual argument. wm5terrain.cpp 173
Scilab
V510 The 'fprintf' function is not expected to receive class-type variable as fourth actual argument. jvm.c 247
typedef struct JavaVMOption {
char *optionString;
void *extraInfo;
} JavaVMOption;
JavaVMOption *options;
BOOL startJVM(char *SCI_PATH)
{
....
fprintf(stderr, "%d: %s\n", j, vm_args.options[j]);
....
}
However, the fprintf() function will actually take an object of the JavaVMOption type as an argument. The code works only thanks to wonderful and lucky coincidence. Firstly, the 'optionString' member is located in the beginning of the structure. That's why it is this particular member that the fprintf() function will take and handle as a pointer to the string. Secondly, the function will not print anything after that, therefore no garbage will be printed too (i.e. the contents of the 'extraInfo' variable that will also get into the stack).
Unreal Engine 4
V510 The 'EnsureNotFalseFormatted' function is not expected to receive class-type variable as sixth actual argument. slategameresources.cpp 49
const FSlateBrush* FSlateGameResources::GetBrush(
const FName PropertyName, ....)
{
....
ensureMsgf(BrushAsset, TEXT("Could not find resource '%s'"),
PropertyName);
....
}
Chromium
V510 The 'AtlTrace' function is not expected to receive class-type variable as third actual argument. delegate_execute.cc 96
typedef std::wstring string16;
const base::string16& relaunch_flags() const {
return relaunch_flags_;
}
int RelaunchChrome(const DelegateExecuteOperation& operation)
{
AtlTrace("Relaunching [%ls] with flags [%s]\n",
operation.mutex().c_str(),
operation.relaunch_flags()); // <=
....
}
Similar errors can be found in some other places:
- V510 The 'Trace' function is not expected to receive class-type variable as fourth actual argument. entry_impl_v3.cc 1394
- V510 The 'StringPrintf' function is not expected to receive class-type variable as second actual argument. gcapi_last_run_test.cc 29
Unreal Engine 4
V510 The 'Errorf' function is not expected to receive class-type variable as second actual argument. materialexpressionlandscapelayerblend.cpp 241
int32 UMaterialExpressionLandscapeLayerBlend::Compile(....)
{
....
Compiler->Errorf(TEXT("...."), Layers[LayerIdx].LayerName);
....
}
Apple II emulator
V510 The 'sprintf' function is not expected to receive class-type variable as fifth actual argument. debug.cpp 2300
struct Command_t
{
char m_sName[ MAX_COMMAND_LEN ];
CmdFuncPtr_t pFunction;
int iCommand;
char *pHelpSummary;
};
extern Command_t g_aParameters[];
void ConfigSave_PrepareHeader ( .... )
{
char sText[ CONSOLE_WIDTH ];
sprintf( sText, "%s %s = %s\n"
, g_aTokens[ TOKEN_COMMENT_EOL ].sToken
, g_aParameters[ PARAM_CATEGORY ].m_sName
, g_aParameters[ eCategory ]
);
....
}
In the capacity of last parameter it is necessary to use this expressin: g_aParameters[ eCategory ].m_sName.
Telegram
V510 The 'wsprintfW' function is not expected to receive class-type variable as third actual argument. Updater updater.cpp 255
bool update()
{
....
wstring fname = from[i], tofname = to[i];
....
WCHAR errMsg[2048];
....
wsprintf(errMsg, L"Failed to update Telegram :
(\n%s is not accessible.", tofname);
....
}
Computational Network Toolkit
V510 The 'sprintf_s' function is not expected to receive class-type variable as third actual argument. binaryfile.cpp 501
const std::wstring& GetName()
{
return m_name;
}
Section* Section::ReadSection(....)
{
....
char message[256];
sprintf_s(message,"Invalid header in file %ls, in header %s\n",
m_file->GetName(), section->GetName()); // <=
RuntimeError(message);
....
}
CryEngine V
V510 The 'LogError' function is not expected to receive class-type variable as second actual argument. behaviortreenodes_action.cpp 143
typedef CryStringT<char> string;
// The actual fragment name.
string m_fragName;
//! cast to C string.
const value_type* c_str() const { return m_str; }
const value_type* data() const { return m_str; };
void LogError(const char* format, ...) const
{ .... }
void QueueAction(const UpdateContext& context)
{
....
ErrorReporter(*this, context).LogError("....'%s'", m_fragName);
....
}
Similar errors can be found in some other places:
- V510 The 'LogError' function is not expected to receive class-type variable as second actual argument. behaviortreenodes_core.cpp 1339
- V510 The 'Format' function is not expected to receive class-type variable as second actual argument. behaviortreenodes_core.cpp 2648
- V510 The 'CryWarning' function is not expected to receive class-type variable as sixth actual argument. crypak.cpp 3324
- And 4 additional diagnostic messages.
Scilab
V510 The 'Scierror' function is not expected to receive class-type variable as third actual argument. sci_winqueryreg.cpp 149
const std::string fname = "winqueryreg";
types::Function::ReturnValue sci_winqueryreg(....)
{
....
if (rhs != 2 && rhs != 3)
{
Scierror(77, _("%s: Wrong number...\n"), fname.data(), 2, 3);
return types::Function::Error;
}
....
else
{
Scierror(999, _("%s: Cannot open Windows regist..."), fname);
return types::Function::Error;
}
....
}
libusbx
V510 CWE-686 The '_snprintf' function is not expected to receive class-type variable as fourth actual argument. format.h 97
void usbi_log(struct libusb_context *ctx,
enum libusb_log_level level,
const char *function,
const char *format, ...);
#define _usbi_log(ctx, level, ...) \
usbi_log(ctx, level, __FUNCTION__, __VA_ARGS__)
#define usbi_err(ctx, ...) \
_usbi_log(ctx, LIBUSB_LOG_LEVEL_ERROR, __VA_ARGS__)
struct pollfd {
int fd; /* file descriptor */
short events; /* requested events */
short revents; /* returned events */
};
static int windows_handle_events(...., struct pollfd *fds, ....)
{
....
usbi_err(ctx, "could not find a matching transfer for fd %x",
fds[i]);
....
}
A %X specifier in the format string shows the intention to print an integer value. However, the entire structure is passed to the function. Most likely, the code here is supposed to be as follows: usbi_err(ctx, "...... transfer for fd %x", fds[i].fd);
qdEngine
V510 [CWE-686, CERT-FIO47-C] The 'printf' function is not expected to receive class-type variable as third actual argument. AVIGenerator.cpp 132
class CAVIGenerator
{
....
_bstr_t m_sFile;
....
};
HRESULT CAVIGenerator::InitEngine()
{
....
if (hr != AVIERR_OK)
{
_tprintf(szBuffer,
_T("AVI Engine failed to initialize. Check filename %s."),m_sFile);
m_sError=szBuffer;
....
};
This is what should have been written here: _tprintf(szBuffer, ".....", (LPCSTR)m_sFile);