public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "msebor at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug middle-end/102337] bogus -Wformat-truncation due to incomplete sprintf/strlen integration
Date: Wed, 15 Sep 2021 15:21:55 +0000	[thread overview]
Message-ID: <bug-102337-4-va0zyYYQhh@http.gcc.gnu.org/bugzilla/> (raw)
In-Reply-To: <bug-102337-4@http.gcc.gnu.org/bugzilla/>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102337

Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |85741
            Summary|possibly wrong warning      |bogus -Wformat-truncation
                   |about truncation            |due to incomplete
                   |                            |sprintf/strlen integration

--- Comment #1 from Martin Sebor <msebor at gcc dot gnu.org> ---
In the absence of data flow information -Wformat-truncation (and
-Wformat-overflow) uses the sizes of the arrays pointed to by arguments to the
%s directive as the upper bound of the lengths of the strings being formatted. 
In the test case in comment #0 the results of the first two snprintf calls
computed by GCC are discarded (not used for subsequent data flow analysis) and
so the warning assumes that the length of each of the two strings in the last
call to snprintf() is 127 and triggers.  To do better the warning needs to be
enhanced to feed the results of snprintf calls to the strlen pass so that they
are available when computing the lengths of strings in subsequent calls.  This
enhancement is the subject of pr92813 so this bug is effectively a duplicate of
that one.

(Replacing the first two snprintf calls with strcpy avoids the warning because
string lengths computed by GCC for arguments of strcpy calls are available to
the snprintf warning.)


Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85741
[Bug 85741] [meta-bug] bogus/missing -Wformat-overflow

      parent reply	other threads:[~2021-09-15 15:21 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-15  1:04 [Bug c/102337] New: possibly wrong warning about truncation rootkit85 at yahoo dot it
2021-09-15  8:58 ` [Bug middle-end/102337] " marxin at gcc dot gnu.org
2021-09-15 15:21 ` msebor at gcc dot gnu.org [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-102337-4-va0zyYYQhh@http.gcc.gnu.org/bugzilla/ \
    --to=gcc-bugzilla@gcc.gnu.org \
    --cc=gcc-bugs@gcc.gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).