This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug middle-end/49905] Better sanity checking on sprintf src & dest to produce warning for dodgy code ?
- From: "msebor at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Mon, 04 Jul 2016 18:03:32 +0000
- Subject: [Bug middle-end/49905] Better sanity checking on sprintf src & dest to produce warning for dodgy code ?
- Auto-submitted: auto-generated
- References: <bug-49905-4@http.gcc.gnu.org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=49905
--- Comment #16 from Martin Sebor <msebor at gcc dot gnu.org> ---
(In reply to Jakub Jelinek from comment #14)
> But 9 is maximum length just for the %+03d part, %02d with the limited VRP
> range is exactly 2 and then the '\0', so that is 12 maximum, 6 minimum.
Yes.
> So printing 9 is just misleading.
The 9 actually corresponds to a range between 3 and 9 bytes so the warning
could print that range, the same way it does for unknown and unbounded values
at level 2, like so:
  warning: ‘%+03d’ directive output may be truncated between ‘3’ and ‘9’ bytes into a region of size ‘6’ [-Wformat-length=]
The note could also be extended to print a range:
  note: destination region size is ‘6’ bytes, minimum required ‘6’, maximum ‘12’
Does this make it clearer?
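The byte accounting discussed in this comment, worked through in C as an added example that is not part of the original message or of GCC's implementation. The format string "%+03d%02d", the argument ranges [-99999999, 99999999] and [0, 99], and all function names are assumptions chosen so the results match the 3 to 9, exactly 2, and 6 to 12 figures in the thread.

```c
#include <stddef.h>
#include <stdio.h>

struct bounds { int min, max; };

/* Bytes one integer directive emits for one value (NUL not counted).
   snprintf(NULL, 0, ...) writes nothing and returns the would-be length. */
static int directive_len(const char *fmt, int value)
{
    return snprintf(NULL, 0, fmt, value);
}

/* Length bounds of a %d-style directive for an argument in [lo, hi].
   Length grows with |value|, so the maximum is at an endpoint and the
   minimum is at the value closest to zero. */
static struct bounds directive_bounds(const char *fmt, int lo, int hi)
{
    int nearest = (lo > 0) ? lo : (hi < 0) ? hi : 0;
    int at_lo = directive_len(fmt, lo), at_hi = directive_len(fmt, hi);
    struct bounds b = { directive_len(fmt, nearest),
                        at_lo > at_hi ? at_lo : at_hi };
    return b;
}

/* Bounds for the whole output including the terminating NUL.
   The format and both argument ranges are assumptions (see lead-in). */
static struct bounds required_bytes(void)
{
    struct bounds a = directive_bounds("%+03d", -99999999, 99999999);
    struct bounds b = directive_bounds("%02d", 0, 99);
    struct bounds total = { a.min + b.min + 1, a.max + b.max + 1 };
    return total;
}

/* Bounded write: returns 0 if the output fit, -1 if it was truncated. */
static int format_checked(char *dst, size_t size, int x, int y)
{
    int n = snprintf(dst, size, "%+03d%02d", x, y);
    return (n >= 0 && (size_t)n < size) ? 0 : -1;
}

int main(void)
{
    char buf[6];  /* same destination size as in the thread */
    struct bounds r = required_bytes();
    printf("required: min %d, max %d, have %zu\n", r.min, r.max, sizeof buf);
    printf("x=0 -> %d\n", format_checked(buf, sizeof buf, 0, 0));
    printf("x=99999999 -> %d\n", format_checked(buf, sizeof buf, 99999999, 99));
    return 0;
}
```

A 6-byte destination only holds the minimum-length output, which is why the return value of `snprintf` has to be compared against the buffer size on every call.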