
Wireshark-bugs: [Wireshark-bugs] [Bug 12093] Insecure use of sprintf functions

Date: Sun, 07 Feb 2016 07:01:13 +0000

changed bug 12093


What             Removed        Added
Status           UNCONFIRMED    INCOMPLETE
Ever confirmed                  1

Comment # 1 on bug 12093 from
Presumably your static analyzer understands C++, and the QString class in C++,
and understands that the code about which it's complaining is *NOT* calling the
C language's sprintf() function, and is only complaining because, as the
documentation of the sprintf method of the String class:

    http://doc.qt.io/qt-4.8/qstring.html#sprintf

says:

    Warning: We do not recommend using QString::sprintf() in new Qt code.
    Instead, consider using QTextStream or arg(), both of which support Unicode
    strings seamlessly and are type-safe.

and is *NOT* doing something silly such as believing that this is formatting
text into a fixed-size buffer - because there is no fixed-size buffer involved
here and no buffer overflow involved either, as the documentation of the
sprintf method clearly indicates.

(Oh, and the format string in those calls *is* constant.  If the static
analyzer doesn't understand *that*, please replace it with a static analyzer
that *isn't* complete crap when fed C++ code.)
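As an added illustration of the distinction the comment draws (example code written for this page, not code from the bug report, Wireshark or Qt): `format_dynamic` is a hypothetical stand-in for a formatter that has no fixed-size destination, the property the comment attributes to QString::sprintf(), and `format_fixed` shows the fixed-size-buffer case that a C sprintf() warning is actually about, using snprintf's return value to report truncation instead of writing past the buffer. Both function names, and the "%s:%d" sample format, are assumptions of this example.

```cpp
#include <cstdarg>
#include <cstdio>
#include <string>
#include <vector>

// Dynamically sized formatter (hypothetical stand-in, not Qt code): measure the
// formatted length first, then allocate exactly enough. No fixed-size buffer
// exists, so there is nothing to overflow even with attacker-controlled arguments.
std::string format_dynamic(const char *fmt, ...) {
    va_list args;
    va_start(args, fmt);
    va_list copy;
    va_copy(copy, args);
    // vsnprintf with a null destination and size 0 only computes the length.
    int needed = std::vsnprintf(nullptr, 0, fmt, copy);
    va_end(copy);
    if (needed < 0) {          // encoding error in the format/arguments
        va_end(args);
        return std::string();
    }
    std::vector<char> buf(static_cast<size_t>(needed) + 1);  // +1 for the NUL
    std::vsnprintf(buf.data(), buf.size(), fmt, args);
    va_end(args);
    return std::string(buf.data(), static_cast<size_t>(needed));
}

// Fixed-size destination: the situation a C sprintf() finding is really about.
// snprintf never writes past `cap` bytes; its return value is the length the
// full output would have had, so the caller can detect truncation explicitly.
struct FixedResult {
    std::string text;   // what actually landed in the buffer
    bool truncated;     // true if the output did not fit in `cap`
};

FixedResult format_fixed(size_t cap, const char *fmt, ...) {
    FixedResult r;
    if (cap == 0) {            // nothing can be stored at all
        r.truncated = true;
        return r;
    }
    std::vector<char> buf(cap);
    va_list args;
    va_start(args, fmt);
    int needed = std::vsnprintf(buf.data(), buf.size(), fmt, args);
    va_end(args);
    r.truncated = needed < 0 || static_cast<size_t>(needed) >= cap;
    r.text = std::string(buf.data());   // always NUL-terminated by vsnprintf
    return r;
}

int main() {
    // Constructed sample values; the format string itself stays a constant.
    std::printf("%s\n", format_dynamic("%s:%d", "example", 80).c_str());
    FixedResult f = format_fixed(8, "%s:%d", "example", 80);
    std::printf("%s (truncated=%d)\n", f.text.c_str(), f.truncated ? 1 : 0);
    return 0;
}
```

The review point the comment makes maps directly onto these two shapes: a finding about sprintf() is only meaningful when the destination is a fixed-size buffer, as in `format_fixed`; a formatter that sizes its output to the content, as in `format_dynamic`, has no buffer bound to exceed, and the remaining concern is type safety, which is what the Qt documentation's recommendation of arg() or QTextStream addresses.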

