sprintf warning on overlapping output

Florian Weimer fw@deneb.enyo.de
Mon Sep 26 15:20:00 GMT 2016


* Jeff Law:

> On 09/25/2016 03:46 AM, Bernd Edlinger wrote:
>> Hi Martin,
>>
>> in the past I have seen (and fixed) code like
>>
>> sprintf(buf, "%s %d", buf, x);
>>
>> that may possibly work by chance, but usually
>> produces undefined results.
>>
>> Do you see a way to enhance the warning for cases
>> where the output buffer overlaps an input buffer?

> ISTM you really need strong PTA analysis here to nail down the
> pointers to a single object, then you can query their ranges and look
> for overlap.

We could detect this at run time in glibc with reasonable cost, I
think.  We should probably introduce new symbol versions if we do
that, to avoid breaking existing applications needlessly.

Or we could make this well-defined because it is such a useful
extension.
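The kind of run-time check discussed in this thread, written out as an added example that is not part of the original message and is neither glibc nor GCC code: for the fixed format `"%s %d"`, it handles the exact `s == dst` case by appending in place and refuses any other overlap. The names `ranges_overlap`, `format_str_int` and `run_cases` are hypothetical, and the sample buffers are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: nonzero if [a, a+alen) and [b, b+blen) share a byte. */
static int ranges_overlap(const void *a, size_t alen, const void *b, size_t blen)
{
    return (uintptr_t)a < (uintptr_t)b + blen && (uintptr_t)b < (uintptr_t)a + alen;
}

/* Hypothetical helper: build "<s> <x>" in dst (capacity cap).
 * Returns the resulting length, or -1 on truncation or unsupported overlap. */
static int format_str_int(char *dst, size_t cap, const char *s, int x)
{
    if (cap == 0) return -1;
    if (s == dst) {                      /* the sprintf(buf, "%s %d", buf, x) case */
        const char *end = memchr(dst, '\0', cap);
        if (end == NULL) return -1;      /* dst is not terminated within cap */
        size_t used = (size_t)(end - dst);
        /* Write only the new suffix; the existing text is never re-read. */
        int n = snprintf(dst + used, cap - used, " %d", x);
        if (n < 0 || (size_t)n >= cap - used) {
            dst[used] = '\0';            /* undo the partial write */
            return -1;
        }
        return (int)used + n;
    }
    if (ranges_overlap(dst, cap, s, strlen(s) + 1))
        return -1;                       /* partial overlap: refuse, dst untouched */
    int n = snprintf(dst, cap, "%s %d", s, x);
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

/* Constructed cases; returns the number of unexpected results. */
static int run_cases(void)
{
    char buf[16] = "id";
    char tiny[5] = "id";
    int bad = 0;
    bad += format_str_int(buf, sizeof buf, buf, 7) != 4 || strcmp(buf, "id 7") != 0;
    bad += format_str_int(buf, sizeof buf, buf + 1, 7) != -1 || strcmp(buf, "id 7") != 0;
    bad += format_str_int(tiny, sizeof tiny, tiny, 123) != -1 || strcmp(tiny, "id") != 0;
    bad += format_str_int(buf, sizeof buf, "n", 42) != 4 || strcmp(buf, "n 42") != 0;
    return bad;
}

int main(void) { return run_cases(); }
```

Comparing addresses through `uintptr_t` is implementation-defined rather than guaranteed by ISO C, which is one reason a check like this fits more naturally inside the C library than in portable application code.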


