This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug tree-optimization/80397] New: missing -Wformat-overflow with arguments of enum types
- From: "msebor at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Tue, 11 Apr 2017 16:52:13 +0000
- Subject: [Bug tree-optimization/80397] New: missing -Wformat-overflow with arguments of enum types
- Auto-submitted: auto-generated
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80397
Bug ID: 80397
Summary: missing -Wformat-overflow with arguments of enum types
Product: gcc
Version: 7.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---
GCC issues a warning for the buffer overflow in the call to sprintf in function
f in the test case below but it fails to do the same thing for the equivalent
function g. This is because the format_integer function that extracts the
range of the integral argument tests for the argument's type being INTEGER_TYPE
rather than using the INTEGRAL_TYPE_P() macro as it should be.
$ cat z.c && gcc -O2 -S -Wall -Wextra -Wpedantic z.c
char d[1];
enum E { e10 = 10, e99 = 99 };
int f (int i)
{
if (i < e10 || e99 < i)
i = e10;
return __builtin_sprintf (d, "%i", i); // warning (ok)
}
int g (enum E i)
{
if (i < e10 || e99 < i)
i = e10;
return __builtin_sprintf (d, "%i", i); // missing warning (bug)
}
z.c: In function ‘f’:
z.c:10:33: warning: ‘%i’ directive writing 2 bytes into a region of size 1
[-Wformat-overflow=]
return __builtin_sprintf (d, "%i", i); // warning (ok)
^~
z.c:10:32: note: directive argument in the range [10, 99]
return __builtin_sprintf (d, "%i", i); // warning (ok)
^~~~
z.c:10:10: note: ‘__builtin_sprintf’ output 3 bytes into a destination of size
1
return __builtin_sprintf (d, "%i", i); // warning (ok)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~