This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug tree-optimization/80420] New: missing -Wformat-overfow on snprintf with excessive bound
- From: "msebor at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Thu, 13 Apr 2017 19:29:03 +0000
- Subject: [Bug tree-optimization/80420] New: missing -Wformat-overfow on snprintf with excessive bound
- Auto-submitted: auto-generated
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80420
Bug ID: 80420
Summary: missing -Wformat-overfow on snprintf with excessive
bound
Product: gcc
Version: 7.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---
The -Wformat-overflow/truncation options fail to diagnose the buffer overflow
in calls to snprintf where the specified bound is greater than the size of the
destination object. Both the overflow (when detected) and the excessive bound
(when the size of the function's output cannot be determined) should be
diagnosed.
$ cat c.c && gcc -c -O2 -Wall -Wextra -Wpedantic -Werror c.c
char d[4];
void f (void)
{
__builtin_snprintf (d, 10, "%-s", "123456789");
}
void g (const char *s)
{
__builtin_snprintf (d, 10, "%-s", s);
}
$