code analysis bug

In file included from libopts.c:23:
./makeshell.c:138:26: warning: more '%' conversions than data
arguments
"unset OPT_ARG_VAL || :\n%2$s";

This is not correct. The format below uses the first argument twice and the
second argument once. The "clang" analysis does not properly recognize
the "1$" and "2$" modifiers. This is POSIX for a while, intended for I18N,
but perfectly usable for other purposes. Like generating shell code.

static char const zLoopEnd =
" if [ -n \"${OPT_ARG_VAL}\" ]\n"
" then\n"
" eval %1$s_${OPT_NAME}${OPT_ELEMENT}=\"'${OPT_ARG_VAL}'\"\n"
" export %1$s_${OPT_NAME}${OPT_ELEMENT}\n"
" fi\n"
"done\n\n"
"unset OPT_PROCESS || :\n"
"unset OPT_ELEMENT || :\n"
"unset OPT_ARG || :\n"
"unset OPT_ARG_NEEDED || :\n"
"unset OPT_NAME || :\n"
"unset OPT_CODE || :\n"
"unset OPT_ARG_VAL || :\n%2$s";

In file included from ag.c:34:
./tpProcess.c:117:31: warning: format string is not a string literal
      (potentially insecure)
            fprintf( pfTrace, zBadR+2 );

This is another analytical bug. "zBadR" is, in fact, a string literal.
I am writing from the second byte. I ought to have used fputs()
instead, and will, but meanwhile, this is a bug. Here is the usage
and the two bytes skipped happen to be "%s":

        if (*pzOopsPrefix != NUL) {
            fprintf( stdout, zBadR, pzOopsPrefix );
            pzOopsPrefix = zNil;
        } else {
            fprintf( pfTrace, zBadR+2 );
        }

on second thought, I'll replace all that with just the first fprintf.
There's still an analysis bug. Thank you! Regards, Bruce

Please file at llvm.org/bugs/ in the clang component with a simple testcase.

-Eli