From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id A0D0F3877023; Tue, 17 Mar 2020 22:21:02 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A0D0F3877023 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1584483662; bh=29wDkkJhfjLqzZJdkItJRU1Hr4mmDQnVctYjjsTNV4Y=; h=From:To:Subject:Date:From; b=cZ4z9Z1XTbX//BK52uT0QOfAJ2kPlyFVF9zUjcznHAukdp7olCJwbLoBJ36kJ3KZz M8WopEWNRo1RUs0o45D0HvM63mLPlefe7yauX86eiswDiKyIT3JY5eyAxbGD87N8S9 p/JFxOnoaDjCyGomofEqNuTbeqmkoqfZrfCg1drU= From: "msebor at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug middle-end/94208] New: missing warning on passing unterminated local array to string functions Date: Tue, 17 Mar 2020 22:21:02 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: middle-end X-Bugzilla-Version: 10.0 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: msebor at gcc dot gnu.org X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter target_milestone Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: gcc-bugs@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-bugs mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Mar 2020 22:21:02 -0000 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D94208 Bug ID: 94208 Summary: missing warning on passing unterminated local array to string functions Product: gcc Version: 10.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: middle-end Assignee: unassigned at gcc dot gnu.org Reporter: msebor at gcc dot gnu.org Target Milestone: --- GCC 10 diagnoses only one out of the three invalid uses of the unterminated array below. The strlen pass "knows" the number of non-zero characters in = each of the local arrays and it also knows it's equal to the size of the array s= o it has all it needs to diagnose the calls. The problem is the same with other string functions (e.g., strlen or sprint= f) so a complete fix should extend the warning to all of them. $ cat t.c && gcc -O2 -S -Wall -Wextra -Wpedantic -fdump-tree-optimized=3D/dev/stdout t.c const char a[4] =3D { '1', '2', '3', '4' }; void f0 (char *d) { __builtin_strcpy (d, a); // warning (good) } void f1 (char *d) { const char a[4] =3D { '1', '2', '3', '4' }; __builtin_strcpy (d, a); // missing warning } void f2 (char *d) { __builtin_strcpy (d, (char[4]){ '1', '2', '3', '4' }); // missing warni= ng } t.c: In function =E2=80=98f0=E2=80=99: t.c:5:3: warning: =E2=80=98strcpy=E2=80=99 argument missing terminating nul [-Wstringop-overflow=3D] 5 | __builtin_strcpy (d, a); // warning (good) | ^~~~~~~~~~~~~~~~~~~~~~~ t.c:1:12: note: referenced argument declared here 1 | const char a[4] =3D { '1', '2', '3', '4' }; | ^ ;; Function f0 (f0, funcdef_no=3D0, decl_uid=3D1931, cgraph_uid=3D1, symbol= _order=3D1) f0 (char * d) { [local count: 1073741824]: __builtin_strcpy (d_2(D), &a); [tail call] return; } ;; Function f1 (f1, funcdef_no=3D1, decl_uid=3D1934, cgraph_uid=3D2, symbol= _order=3D2) f1 (char * d) { const char a[4]; [local count: 1073741824]: a =3D "1234"; __builtin_strcpy (d_3(D), &a); a =3D{v} {CLOBBER}; return; } ;; Function f2 (f2, funcdef_no=3D2, decl_uid=3D1938, cgraph_uid=3D3, symbol= _order=3D3) f2 (char * d) { char D.1940[4]; [local count: 1073741824]: MEM [(char *)&D.1940] =3D 875770417; __builtin_strcpy (d_6(D), &D.1940); D.1940 =3D{v} {CLOBBER}; return; }=