Bug 79214 - -Wno-system-header defeats strncat buffer overflow warnings
Summary: -Wno-system-header defeats strncat buffer overflow warnings
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: preprocessor (show other bugs)
Version: 7.0
: P3 normal
Target Milestone: ---
Assignee: Martin Sebor
URL:
Keywords: diagnostic, patch
Depends on:
Blocks: 54924
  Show dependency treegraph
 
Reported: 2017-01-24 19:00 UTC by Martin Sebor
Modified: 2017-05-04 20:57 UTC (History)
0 users

See Also:
Host:
Target:
Build:
Known to work: 8.0
Known to fail: 7.0
Last reconfirmed: 2017-01-25 00:00:00


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Martin Sebor 2017-01-24 19:00:37 UTC
In the following program the -Wstringop-overflow= function detects the incorrectly bounded call to __builtin_strncat in function f() but fails to detect the same problem in the call to strncat in function g().  On this system (Fedora 21) strncat is a macro defined in <string.h> to __builtin_strncat so the code in both f() and g() is identical.  The problem is that because the strncat macro is defined in a system header and the -Wno-system-headers option is enabled by default the warning in the second instance is suppressed.

$ cat t.c && gcc -O2 -S -Wall -Wextra t.c
#include <string.h>

void foo (void*);

void f (const char *fname)
{
  char d[8];
  __builtin_strncpy (d, "/tmp/", sizeof d);
  __builtin_strncat (d, fname, sizeof d);

  foo (d);
}

void g (const char *fname)
{
  char d[8];
  strncpy (d, "/var/", sizeof d);
  strncat (d, fname, sizeof d);

  foo (d);
}

t.c: In function ‘f’:
t.c:9:3: warning: specified bound 8 equals the size of the destination [-Wstringop-overflow=]
   __builtin_strncat (d, fname, sizeof d);
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Comment 1 Martin Sebor 2017-01-24 19:03:30 UTC
See also bug 16358 and bug 78000 for a discussion of the underlying problem.
Comment 2 Martin Sebor 2017-01-24 20:45:40 UTC
A few other problem reports caused by -Wno-system-header: bug 78989, bug 71613, and bug 43167.
Comment 3 Martin Sebor 2017-01-25 17:47:20 UTC
Testing a patch.
Comment 4 Martin Sebor 2017-01-25 21:14:04 UTC
Patch posted for review:
https://gcc.gnu.org/ml/gcc-patches/2017-01/msg01994.html
Comment 5 Martin Sebor 2017-05-04 20:55:15 UTC
Author: msebor
Date: Thu May  4 20:54:43 2017
New Revision: 247618

URL: https://gcc.gnu.org/viewcvs?rev=247618&root=gcc&view=rev
Log:
PR preprocessor/79214 -  -Wno-system-header defeats strncat buffer overflow warnings
PR middle-end/79222 - missing -Wstringop-overflow= on a stpcpy overflow
PR middle-end/79223 - missing -Wstringop-overflow on a memmove overflow

gcc/ChangeLog:

	PR preprocessor/79214
	PR middle-end/79222
	PR middle-end/79223
	* builtins.c (check_sizes): Add inlinining context and issue
	warnings even when -Wno-system-headers is set.
	(check_strncat_sizes): Same.
	(expand_builtin_strncat): Same.
	(expand_builtin_memmove): New function.
	(expand_builtin_stpncpy): Same.
	(expand_builtin): Handle memmove and stpncpy.

gcc/testsuite/ChangeLog:

	PR preprocessor/79214
	PR middle-end/79222
	PR middle-end/79223
	* gcc.dg/pr79214.c: New test.
	* gcc.dg/pr79214.h: New test header.
	* gcc.dg/pr79222.c: New test.
	* gcc.dg/pr79223.c: New test.
	* gcc.dg/pr78138.c: Adjust.
	* gfortran.dg/unconstrained_commons.f: Same.


Added:
    trunk/gcc/testsuite/gcc.dg/pr79214.c
    trunk/gcc/testsuite/gcc.dg/pr79214.h
    trunk/gcc/testsuite/gcc.dg/pr79222.c
    trunk/gcc/testsuite/gcc.dg/pr79223.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/builtins.c
    trunk/gcc/testsuite/ChangeLog
    trunk/gcc/testsuite/gcc.dg/pr78138.c
    trunk/gcc/testsuite/gfortran.dg/unconstrained_commons.f
Comment 6 Martin Sebor 2017-05-04 20:57:05 UTC
Fix committed in r247618.