From: "pinskia at gcc dot gnu.org"
To: gcc-bugs@gcc.gnu.org
Subject: [Bug tree-optimization/110579] O2, O1 opmtimizations cause a buffer overflow panic during a strcpy
Date: Thu, 06 Jul 2023 20:41:00 +0000
X-Bugzilla-Product: gcc
X-Bugzilla-Component: tree-optimization
X-Bugzilla-Version: 11.3.0
X-Bugzilla-Keywords: diagnostic
X-Bugzilla-Severity: normal

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110579

Andrew Pinski changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |INVALID
             Status|UNCONFIRMED                 |RESOLVED

--- Comment #3 from Andrew Pinski ---
The warning:
In function ‘strcpy’,
    inlined from ‘start_header’ at create.c:695:7:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:79:10: warning: ‘__builtin___strcpy_chk’ writing 8 bytes into a region of size 6 [-Wstringop-overflow=]
   79 |   return __builtin___strcpy_chk (__dest, __src, __glibc_objsize (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Which comes from:
      strcpy (header->header.magic, "ustar  "); //8

The code is not _FORTIFY_SOURCE=2 safe which requires strcpy to only write
exactly the amount to those fields and not combine character fields as
different.
  char magic[6];
  char version[2];
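
An added example, not part of the original message or of the project's code: the two fields quoted in the comment above, each filled by its own bounded copy so that no single write crosses from magic into version. The struct name, the function names and the way the literal is split across the two fields are assumptions made for this example.

```c
#include <stddef.h>
#include <string.h>

/* Constructed: only the two adjacent fields quoted in the comment above.
   The struct and function names are assumptions made for this example. */
struct hdr_fields {
  char magic[6];
  char version[2];
};

/* The hardened code relies on the fields being adjacent with no padding. */
_Static_assert(offsetof(struct hdr_fields, version) == 6, "version follows magic");
_Static_assert(sizeof(struct hdr_fields) == 8, "no padding");

/* Flagged form, kept as a comment so this file builds under fortification:
     strcpy (h->magic, "ustar  ");
   strcpy writes strlen + 1 bytes; the check compares that with magic[6]. */
size_t strcpy_write_size(const char *src) {
  return strlen(src) + 1;
}

/* Hardened form: one bounded copy per field, each exactly the field size. */
void set_magic_fields(struct hdr_fields *h) {
  memcpy(h->magic, "ustar ", sizeof h->magic);   /* 6 bytes, no terminator */
  memcpy(h->version, " ", sizeof h->version);    /* ' ' followed by '\0' */
}

/* Returns 1 when the header holds the same 8 bytes the strcpy produced. */
int same_bytes_as_strcpy(const struct hdr_fields *h) {
  return memcmp(h, "ustar  ", sizeof *h) == 0;
}

int main(void) {
  struct hdr_fields h;
  set_magic_fields(&h);
  return same_bytes_as_strcpy(&h) ? 0 : 1;
}
```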