This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug tree-optimization/80420] New: missing -Wformat-overfow on snprintf with excessive bound

From: "msebor at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
To: gcc-bugs at gcc dot gnu dot org
Date: Thu, 13 Apr 2017 19:29:03 +0000
Subject: [Bug tree-optimization/80420] New: missing -Wformat-overfow on snprintf with excessive bound
Auto-submitted: auto-generated

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80420

            Bug ID: 80420
           Summary: missing -Wformat-overfow on snprintf with excessive
                    bound
           Product: gcc
           Version: 7.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: tree-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: msebor at gcc dot gnu.org
  Target Milestone: ---

The -Wformat-overflow/truncation options fail to diagnose the buffer overflow
in calls to snprintf where the specified bound is greater than the size of the
destination object.  Both the overflow (when detected) and the excessive bound
(when the size of the function's output cannot be determined) should be
diagnosed.

$ cat c.c && gcc -c -O2 -Wall -Wextra -Wpedantic -Werror c.c
char d[4];

void f (void)
{
  __builtin_snprintf (d, 10, "%-s", "123456789");
}

void g (const char *s)
{
  __builtin_snprintf (d, 10, "%-s", s);
}
$

Follow-Ups:
- [Bug tree-optimization/80420] missing -Wformat-overfow on snprintf with excessive bound
  - From: msebor at gcc dot gnu.org

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]