This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
Re: [PATCH] - improve sprintf buffer overflow detection (middle-end/49905)
On Wed, 5 Oct 2016, Jakub Jelinek wrote:
> On Wed, Oct 05, 2016 at 03:40:18PM +0000, Joseph Myers wrote:
> > On Tue, 4 Oct 2016, Martin Sebor wrote:
> >
> > > > Well, typically cases where one of long and int is passed and the other is
> > > > expected, but they have the same size, are bugs waiting to happen when the
> > > > code is built on a 64-bit system. That is, they *should* warn.
> > >
> > > Typically, yes. In the case of wchar_t (or int) and wint_t I don't
> > > think it's helpful. Consider this case from my comment #5 on bug
> > > 72858. I don't think there is any point in issuing a warning here.
> > > On the majority of targets they either all are or promote to a type
> > > of the same size, don't they?
> >
> > I'm unconvinced by that "majority of targets" argument (which once
> > would have been true for int and long, and you could say it is true for
> > long and size_t). There's a clear correct type here, and it's wint_t, and
> > it's always easy to fix the code to use the correct type.
>
> But, can we reliably detect differences between wint_t and unsigned int if
> wint_t is a typedef to that, or size_t and unsigned long etc., I mean doesn't
> early folding already throw it away?

Detecting it in all cases is hard as for size_t etc., but that shouldn't
stop us warning in the cases where the types are different enough that we
can tell the program is wrong.
--
Joseph S. Myers
joseph@codesourcery.com