Introduce format string checker

Printf-style functions can sometimes have mismatched format strings,
leading to unexpected behavior and potential security vulnerabilities.
This commit introduces a tool called "fmtscan" that scans C source
files, validates format strings, and performs preliminary spell checks.
The tool is integrated into the Git pre-commit hook to ensure safer code
practices.

Change-Id: Ia8ef8d00724a7a141172426eb9f8bf1c9dec2701

Author: jserv

Diff for: .gitignore

@@ -1,4 +1,5 @@
 qtest
+fmtscan
 *.o
 *.o.d
 *.dSYM

Diff for: Makefile

@@ -6,7 +6,7 @@ CFLAGS += -Wvla
 
 GIT_HOOKS := .git/hooks/applied
 DUT_DIR := dudect
-all: $(GIT_HOOKS) qtest
+all: $(GIT_HOOKS) qtest fmtscan
 
 tid := 0
 
@@ -53,6 +53,10 @@ qtest: $(OBJS)
 	$(VECHO) "  CC\t$@\n"
 	$(Q)$(CC) -o $@ $(CFLAGS) -c -MMD -MF .$@.d $<
 
+fmtscan: tools/fmtscan.c
+	$(VECHO) "  CC+LD\t$@\n"
+	$(Q)$(CC) -o $@ $(CFLAGS) $<
+
 check: qtest
 	./$< -v 3 -f traces/trace-eg.cmd
 
@@ -76,7 +80,7 @@ valgrind: valgrind_existence
 	@echo "scripts/driver.py -p $(patched_file) --valgrind -t <tid>"
 
 clean:
-	rm -f $(OBJS) $(deps) *~ qtest /tmp/qtest.*
+	rm -f $(OBJS) $(deps) *~ qtest /tmp/qtest.* fmtscan
 	rm -rf .$(DUT_DIR)
 	rm -rf *.dSYM
 	(cd traces; rm -f *~)

Diff for: dudect/fixture.c

@@ -84,7 +84,7 @@ static bool report(void)
     double max_tau = max_t / sqrt(number_traces_max_t);
 
     printf("\033[A\033[2K");
-    printf("meas: %7.2lf M, ", (number_traces_max_t / 1e6));
+    printf("measure: %7.2lf M, ", (number_traces_max_t / 1e6));
     if (number_traces_max_t < ENOUGH_MEASURE) {
         printf("not enough measurements (%.0f still to go).\n",
                ENOUGH_MEASURE - number_traces_max_t);

Diff for: linenoise.c

@@ -693,7 +693,7 @@ static void refresh_multi_Line(struct line_state *l)
     /* Move cursor to right position. */
     rpos2 =
         (plen + l->pos + l->cols) / l->cols; /* current cursor relative row. */
-    lndebug("rpos2 %d", rpos2);
+    lndebug("right position %d", rpos2);
 
     /* Go up till we reach the expected positon. */
     if (rows - rpos2 > 0) {

Diff for: qtest.c

@@ -1079,7 +1079,7 @@ static void console_init()
         "Remove from tail of queue. Optionally compare to expected value str",
         "[str]");
     ADD_COMMAND(reverse, "Reverse queue", "");
-    ADD_COMMAND(sort, "Sort queue in ascending/descening order", "");
+    ADD_COMMAND(sort, "Sort queue in ascending/descending order", "");
     ADD_COMMAND(size, "Compute queue size n times (default: n == 1)", "[n]");
     ADD_COMMAND(show, "Show queue contents", "");
     ADD_COMMAND(dm, "Delete middle node in queue", "");
@@ -1165,11 +1165,11 @@ static bool q_quit(int argc, char *argv[])
 
 static void usage(char *cmd)
 {
-    printf("Usage: %s [-h] [-f IFILE][-v VLEVEL][-l LFILE]\n", cmd);
+    printf("Usage: %s [-h] [-f FILE][-v LEVEL][-l LOG\n", cmd);
     printf("\t-h         Print this information\n");
-    printf("\t-f IFILE   Read commands from IFILE\n");
-    printf("\t-v VLEVEL  Set verbosity level\n");
-    printf("\t-l LFILE   Echo results to LFILE\n");
+    printf("\t-f FILE   Read commands from FILE\n");
+    printf("\t-v LEVEL  Set verbosity level\n");
+    printf("\t-l LOG    Echo results to LOG\n");
     exit(0);
 }
 
@@ -1208,7 +1208,6 @@ bool commit_exists(const char *commit_hash)
     posix_spawn_file_actions_t actions;
     if (posix_spawn_file_actions_init(&actions) != 0) {
         /* Error initializing spawn file actions */
-        perror("posix_spawn_file_actions_init");
         close(pipefd[0]);
         close(pipefd[1]);
         return false;
@@ -1217,7 +1216,6 @@ bool commit_exists(const char *commit_hash)
     /* Redirect child's stdout to the pipe's write end */
     if (posix_spawn_file_actions_adddup2(&actions, pipefd[1], STDOUT_FILENO) !=
         0) {
-        perror("posix_spawn_file_actions_adddup2");
         posix_spawn_file_actions_destroy(&actions);
         close(pipefd[0]);
         close(pipefd[1]);
@@ -1227,7 +1225,6 @@ bool commit_exists(const char *commit_hash)
     /* Close unused pipe ends in the child */
     if (posix_spawn_file_actions_addclose(&actions, pipefd[0]) != 0 ||
         posix_spawn_file_actions_addclose(&actions, pipefd[1]) != 0) {
-        perror("posix_spawn_file_actions_addclose");
         posix_spawn_file_actions_destroy(&actions);
         close(pipefd[0]);
         close(pipefd[1]);

Diff for: report.c

@@ -255,7 +255,7 @@ char *strsave_or_fail(const char *s, const char *fun_name)
     check_exceed(len + 1);
     char *ss = malloc(len + 1);
     if (!ss)
-        fail_fun("strsave failed in %s", fun_name);
+        fail_fun("Failed in %s", fun_name);
 
     allocate_cnt++;
     allocate_bytes += len + 1;

Diff for: scripts/aspell-pws

@@ -159,7 +159,6 @@ ioctl
 syscall
 syscalls
 getrandom
-dev
 urandom
 arch
 aarch
@@ -309,10 +308,13 @@ lima
 github
 ih
 it
+spawnp
 AddressSanitizer
 asan
 dbg
 dev
+sys
+proc
 dpkg
 apt
 siglongjmp
@@ -351,3 +353,80 @@ BitInt
 noreturn
 pragma
 EditorConfig
+abcdefghijklmnopqrstuvwxyz
+cmd
+commitlog
+cpp
+crit
+dereference
+dereferenced
+dict
+errno
+fmt
+fmtscan
+init
+lX
+ld
+lf
+llX
+lld
+llu
+llx
+lx
+malloc
+pCn
+pCr
+pEc
+pEh
+pEo
+pEs
+pF
+pGg
+pGv
+pISb
+pISc
+pISf
+pISh
+pISl
+pISn
+pISpc
+pK
+pMF
+pMR
+pNF
+pSR
+pUL
+pUl
+pV
+param
+pbl
+pf
+phC
+phN
+piSb
+piSc
+piSf
+piSh
+piSl
+piSn
+piSpc
+pmR
+posix
+rdtsc
+cntvct
+mrs
+arg
+args
+tau
+unallocated
+unsorted
+waitpid
+workspace
+zd
+zu
+oneline
+str
+pws
+el
+fd
+hv

Diff for: scripts/driver.py

@@ -146,11 +146,11 @@ def run(self, tid=0):
             sys.exit(1)
 
 def usage(name):
-    print("Usage: %s [-h] [-p PROG] [-t TID] [-v VLEVEL] [--valgrind] [-c]" % name)
+    print("Usage: %s [-h] [-p PROG] [-t TID] [-v LEVEL] [--valgrind] [-c]" % name)
     print("  -h        Print this message")
     print("  -p PROG   Program to test")
     print("  -t TID    Trace ID to test")
-    print("  -v VLEVEL Set verbosity level (0-3)")
+    print("  -v LEVEL  Set verbosity level (0-3)")
     print("  -c Enable colored text")
     sys.exit(0)
 

Diff for: scripts/pre-commit.hook

@@ -207,7 +207,7 @@ for FILE in $FILES; do
 done
 
 if [ ! -z "${FILES[*]}" ]; then
-  echo "Following files need to be cleaned up:"
+  echo "Following files were changed:"
   echo "${FILES[*]}"
 fi
 
@@ -234,6 +234,21 @@ do
   fi
 done
 
+# format string checks
+if [ ! -f fmtscan ]; then
+    make fmtscan
+    if [ ! -f fmtscan ]; then
+       throw "Fail to build 'fmtscan' tools"
+    fi
+fi
+if git diff --cached --name-only | grep -qiE "\.(c|h|cpp|hpp)$"; then
+  echo "Running fmtscan..."
+  ./fmtscan
+  if [ $? -ne 0 ]; then
+    throw "Check format strings for spelling"
+  fi
+fi
+
 # static analysis
 echo "Running static analysis..."
 $CPPCHECK $CPPCHECK_OPTS >/dev/null