Bug 1369622 - Add a static_assert when no variadic argument is given to MOZ_CRASH_UNSAFE_PRINTF. r?froydnj
If MOZ_CRASH_UNSAFE_PRINTF is only given a format string, it means
either arguments are missing, or MOZ_CRASH should be used instead.
Hint at that with a static_assert.
--- a/mfbt/Assertions.h
+++ b/mfbt/Assertions.h
@@ -310,16 +310,20 @@ MOZ_CrashPrintf(const char* aFilename, i
* a printf-style format string, which must be a string literal and between
* 1 and 4 additional arguments. A regular MOZ_CRASH() is preferred wherever
* possible, as passing arbitrary strings to printf from a potentially
* compromised process is not without risk.
*/
#define MOZ_CRASH_UNSAFE_PRINTF(format, ...) \
do { \
static_assert( \
+ MOZ_ARG_COUNT(__VA_ARGS__) > 0, \
+ "Did you forget arguments to MOZ_CRASH_UNSAFE_PRINTF? " \
+ "Or maybe you want MOZ_CRASH instead?"); \
+ static_assert( \
MOZ_ARG_COUNT(__VA_ARGS__) <= sPrintfMaxArgs, \
"Only up to 4 additional arguments are allowed!"); \
static_assert(sizeof(format) <= sPrintfCrashReasonSize, \
"The supplied format string is too long!"); \
MOZ_CALL_CRASH_PRINTF("" format, __VA_ARGS__); \
} while (0)
MOZ_END_EXTERN_C