From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
	id 3D8FC3858D28; Sun, 16 Jun 2024 17:32:53 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3D8FC3858D28
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1718559173;
	bh=heEsMBntwYL8bIJu1XgfkEFHHCZvIOjQRA0Wy6iW3Js=;
	h=From:To:Subject:Date:From;
	b=G2wauedK2pSKFZQR4SYDqCnRpkcpcMEYdGMO7kW2u6nDMwp3ypm9GGTWm1vZ7WBvR
	 Qsk8xBcg327ASNN4hiLzHq170vRytE9s9trqs/Jb53pYYgiGT4Ica5MWmMRLLrlzgW
	 gagZmY4EMz8mV6D7ETWbE4o/X3Hyafq/HThXfLfs=
From: "peter at eisentraut dot org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug c/115513] New: attribute nonstring could help with printf
 mistakes
Date: Sun, 16 Jun 2024 17:32:52 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: c
X-Bugzilla-Version: 14.1.0
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: peter at eisentraut dot org
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status
 bug_severity priority component assigned_to reporter target_milestone
 attachments.created
Message-ID: <bug-115513-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <gcc-bugs.sourceware.org>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D115513

            Bug ID: 115513
           Summary: attribute nonstring could help with printf mistakes
           Product: gcc
           Version: 14.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: peter at eisentraut dot org
  Target Milestone: ---

Created attachment 58446
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=3D58446&action=3Dedit
test file

Consider this test program (also attached):

```
#include <stdio.h>
#include <string.h>

struct Data
{
        char name[32] __attribute__((nonstring));
};

int f (struct Data *pd, const char *s)
{
        strncpy(pd->name, s, sizeof pd->name);

        printf("%s", pd->name);  // unsafe, no warning!?!

        return strlen(pd->name);   // unsafe, gets a warning
}
```

Compile with, e.g.: gcc-14 -c -Wall -Wextra -O2 test.c

As per the documentation, this will warn about the strlen() call.

But it doesn't warn about the printf() call.  This would be quite useful and
seems to be a gap in the warning coverage of this attribute.=