public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "patrickdepinguin at gmail dot com" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug other/103736] New: snprintf bogus format-truncation, disregarding modulo on argument
Date: Wed, 15 Dec 2021 14:39:44 +0000 [thread overview]
Message-ID: <bug-103736-4@http.gcc.gnu.org/bugzilla/> (raw)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103736
Bug ID: 103736
Summary: snprintf bogus format-truncation, disregarding modulo
on argument
Product: gcc
Version: 11.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: other
Assignee: unassigned at gcc dot gnu.org
Reporter: patrickdepinguin at gmail dot com
Target Milestone: ---
gcc 11.2.0 and gcc 9.4.0 give a bogus format-truncation warning on following
test case compiled with -Wall and -O2:
#include <stdint.h>
#include <stdio.h>
void func(void) {
extern int8_t timezoneval;
char timezone[1+2+1];
if(timezoneval < 0)
{
snprintf(timezone, sizeof(timezone),"-%02d",-(timezoneval % 100));
}
else
{
snprintf(timezone, sizeof(timezone),"+%02d", timezoneval % 100);
}
}
Warning:
/tmp/test.cpp: In function 'void func()':
/tmp/test.cpp:15:52: warning: 'snprintf' output may be truncated before the
last format character [-Wformat-truncation=]
15 | snprintf(timezone, sizeof(timezone),"+%02d", timezoneval %
100);
| ^
/tmp/test.cpp:15:18: note: 'snprintf' output between 4 and 5 bytes into a
destination of size 4
15 | snprintf(timezone, sizeof(timezone),"+%02d", timezoneval %
100);
|
~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Since timezoneval is used modulo 100, it will not take up more than two digits
(note that if timezoneval is negative, its value is negated first, so the
string representation will be positive). Together with the literal sign
character, and the null-termination, max. total size is 4 bytes. Yet, gcc
considers that 5 bytes may be needed.
When the parentheses in the first snprintf are omitted, causing the modulo
operator to operate on the negated timezoneval, the warning disappears. Funnily
enough, the warning is about the _second_, unmodified, snprintf:
#include <stdint.h>
#include <stdio.h>
void func(void) {
extern int8_t timezoneval;
char timezone[1+2+1];
if(timezoneval < 0)
{
snprintf(timezone, sizeof(timezone),"-%02d",-timezoneval % 100);
}
else
{
snprintf(timezone, sizeof(timezone),"+%02d", timezoneval % 100);
}
}
I found some possibly related older bugs, but was unsure if it's the same and
known to still apply on gcc 11. Feel free to mark this one as duplicated to the
relevant one.
Bug #78969 - bogus snprintf truncation warning due to missing range info
Bug #77721 - -Wformat-truncation not uses arg range for converted vars
Bug #94021 - -Wformat-truncation false positive due to excessive integer range
next reply other threads:[~2021-12-15 14:39 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-15 14:39 patrickdepinguin at gmail dot com [this message]
2021-12-15 17:12 ` [Bug other/103736] " msebor at gcc dot gnu.org
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-103736-4@http.gcc.gnu.org/bugzilla/ \
--to=gcc-bugzilla@gcc.gnu.org \
--cc=gcc-bugs@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).