[PATCH] to implement something like -Wwarn-bad-use-of-strcpy

Paul Sheer psheer@icon.co.za
Mon Sep 6 17:52:00 GMT 2004


[[This is a followup to the posting on comp.lang.c++, subject
"C++ Compiler with a -Wwarn-use-of-strcpy or similar option??"
http://tinyurl.com/5fy96 ]]

I have managed to patch gcc-3.3 to produce two new warnings,
one for the case of

  char p[8];
  strcpy(p, "too large string const");	/* <-- outright bug */

and one for the case of

  char p[8];
  strcpy(p, q);		/* <-- potential buffer overflow */

As these are common programming errors, I believe they should
be warned of by gcc. Patch follows below.

I personally manage a code base far too large to be able to
manually check all strcpy's. Running gcc over our code and
grepping for these warnings will enable us to write a script
to automatically fix these errors.

I hope there will be more of these kinds of checks in the
future for functions besides strcpy and other common errors.
If gcc *already* does some of these checks, please let me know.

Note that the patch detects a strcpy by the tree node's
builtin-function enumerator, BUILT_IN_STRCPY, so this is
a bit of a hack. It should really check the function
name (*I* think).

Feedback is welcome.

Best wishes

-paul

Paul Sheer . . . . . . . . . . . . . . . . .  Tel  . . +27 (0)21 6869634
Email . . . http://2038bug.com/email.gif . . . . . . . . . . . . . . . .
http://www.icon.co.za/~psheer . . . . . . . . .  http://rute.2038bug.com
L I N U X . . . . . . . . . . . . . . . . The Choice of a GNU Generation

----------

(this patch contains a couple of fixes over the one
posted to the newsgroups.)




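The two cases the message describes, rewritten as bounded copies. This is an added example, not code from the posted patch or from gcc; `COPY_LITERAL`, `copy_bounded`, `COPY_FIXED` and the `demo_*` functions are hypothetical names, and the inputs are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Case 1: string constant into a fixed-size array. sizeof on a literal
   includes the terminating NUL, so an oversized constant fails the build.
   dst must be a real array: for a pointer, sizeof gives the pointer size. */
#define COPY_LITERAL(dst, lit)                                           \
    do {                                                                 \
        _Static_assert(sizeof(lit) <= sizeof(dst),                       \
                       "string constant does not fit in destination");   \
        memcpy((dst), (lit), sizeof(lit));                               \
    } while (0)

/* Case 2: source length unknown until run time. Returns 0 on success and
   -1 (dst set to "") when src plus its NUL needs more than dstsize bytes. */
static int copy_bounded(char *dst, size_t dstsize, const char *src)
{
    const char *nul;
    if (dstsize == 0)
        return -1;
    nul = memchr(src, '\0', dstsize);   /* stops at the first NUL found */
    if (nul == NULL) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, (size_t)(nul - src) + 1);
    return 0;
}
#define COPY_FIXED(dst, src) copy_bounded((dst), sizeof(dst), (src))

/* Constructed inputs: q stands in for the post's unknown-length string. */
static int demo_literal(void)
{
    char p[8];
    COPY_LITERAL(p, "short");   /* "too large string const" would not compile */
    return strcmp(p, "short") == 0;
}

static int demo_runtime(const char *q)
{
    char p[8];
    return COPY_FIXED(p, q);
}

int main(void)
{
    return !(demo_literal() && demo_runtime("1234567") == 0
             && demo_runtime("too large string const") == -1);
}
```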
