This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug c/79692] New: -Wformat-overflow false positive?
- From: "sirl at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Thu, 23 Feb 2017 16:32:55 +0000
- Subject: [Bug c/79692] New: -Wformat-overflow false positive?
- Auto-submitted: auto-generated
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79692
Bug ID: 79692
Summary: -Wformat-overflow false positive?
Product: gcc
Version: 7.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: sirl at gcc dot gnu.org
Target Milestone: ---
Created attachment 40820
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=40820&action=edit
testcase
With trunk r245678 on x86_64 the attached testcase prints these warnings:
gcc-trunk -Wformat-overflow -O2 -c test-sprintf-2.c
test-sprintf-2.c: In function 'test':
test-sprintf-2.c:90:32: warning: '%0*lX' directive writing between 1 and
2147483648 bytes into a region of size 76 [-Wformat-overflow=]
sprintf (buffer, "1: %s%c%0*lX %s%c%0*lX", reg, sFrom, nFrom,
^~~~~
test-sprintf-2.c:90:24: note: directive argument in the range [0,
4611686018427387904]
sprintf (buffer, "1: %s%c%0*lX %s%c%0*lX", reg, sFrom, nFrom,
^~~~~~~~~~~~~~~~~~~~~~~~
test-sprintf-2.c:90:24: note: directive argument in the range [0,
4611686018427387904]
test-sprintf-2.c:90:7: note: 'sprintf' output 9 or more bytes (assuming
4294967303) into a destination of size 80
sprintf (buffer, "1: %s%c%0*lX %s%c%0*lX", reg, sFrom, nFrom,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(uint64_t) from, reg, sTo, nTo, (uint64_t) to);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
test-sprintf-2.c:109:29: warning: '%0*lX' directive writing between 1 and
2147483648 bytes into a region of size 76 [-Wformat-overflow=]
sprintf (buffer, "2: %s%c%0*lX %0*lX", reg, sFrom, nFrom,
^~~~~
test-sprintf-2.c:109:21: note: directive argument in the range [0,
4611686018427387904]
sprintf (buffer, "2: %s%c%0*lX %0*lX", reg, sFrom, nFrom,
^~~~~~~~~~~~~~~~~~~~
test-sprintf-2.c:109:4: note: 'sprintf' output 8 or more bytes (assuming
2147483655) into a destination of size 80
sprintf (buffer, "2: %s%c%0*lX %0*lX", reg, sFrom, nFrom,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(uint64_t) from, nLen, (uint64_t) len);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To me it seems it shouldn't warn. PR 79275 looks like a variant of this problem
and was already fixed.