[Bug c/96916] New: warning: ‘strndup’ specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug c/96916] New: warning: ‘strndup’ specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
@ 2020-09-03  9:58 rjones at redhat dot com
  2020-09-03 10:56 ` [Bug c/96916] " rguenth at gcc dot gnu.org
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: rjones at redhat dot com @ 2020-09-03  9:58 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96916

            Bug ID: 96916
           Summary: warning: ‘strndup’ specified bound
                    18446744073709551615 exceeds maximum object size
                    9223372036854775807 [-Wstringop-overflow=]
           Product: gcc
           Version: 10.2.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: rjones at redhat dot com
  Target Milestone: ---

I'm not certain this is really a bug, but I don't understand it.  A simple
reproducer:

----------------------------------------------------------------------
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <string.h>

const char *
copyn (const char *str, size_t n)
{
  return strndup (str, n);
}

const char *
copy (const char *str)
{
  return copyn (str, SIZE_MAX);
}
----------------------------------------------------------------------

$ gcc -O2 -Wall -c test.c
In function ‘copyn’,
    inlined from ‘copy’ at test.c:15:10:
test.c:9:10: warning: ‘strndup’ specified bound 18446744073709551615 exceeds
maximum object size 9223372036854775807 [-Wstringop-overflow=]
    9 |   return strndup (str, n);
      |          ^~~~~~~~~~~~~~~~

$ gcc --version
gcc (GCC) 10.2.1 20200826 (Red Hat 10.2.1-3)
Copyright (C) 2020 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


Note that it seems as if the compiler is claiming that strndup cannot cope with
a string larger than ssize_t (rather than size_t), which is unexpected.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug c/96916] warning: ‘strndup’ specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
  2020-09-03  9:58 [Bug c/96916] New: warning: ‘strndup’ specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=] rjones at redhat dot com
@ 2020-09-03 10:56 ` rguenth at gcc dot gnu.org
  2020-09-03 13:31 ` msebor at gcc dot gnu.org
  2020-09-03 13:39 ` msebor at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: rguenth at gcc dot gnu.org @ 2020-09-03 10:56 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96916

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |diagnostic

--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
There's an implementation-defined limit of object sizes induced by the
representation of the difference of addresses into such object which
is then exactly half the address space.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug c/96916] warning: ‘strndup’ specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
  2020-09-03  9:58 [Bug c/96916] New: warning: ‘strndup’ specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=] rjones at redhat dot com
  2020-09-03 10:56 ` [Bug c/96916] " rguenth at gcc dot gnu.org
@ 2020-09-03 13:31 ` msebor at gcc dot gnu.org
  2020-09-03 13:39 ` msebor at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: msebor at gcc dot gnu.org @ 2020-09-03 13:31 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96916

Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|---                         |INVALID
                 CC|                            |msebor at gcc dot gnu.org

--- Comment #2 from Martin Sebor <msebor at gcc dot gnu.org> ---
Yes, the warning is by design and is issued for any built-in function that
takes an argument specifying the size of an object (malloc, memcpy, etc.). 
It's meant to help identify calls to allocation functions that are certain to
fail or that will overflow the destination.  Passing in PTRDIFF_MAX instead
should avoid the warning (as would of course calling strdup).

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug c/96916] warning: ‘strndup’ specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
  2020-09-03  9:58 [Bug c/96916] New: warning: ‘strndup’ specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=] rjones at redhat dot com
  2020-09-03 10:56 ` [Bug c/96916] " rguenth at gcc dot gnu.org
  2020-09-03 13:31 ` msebor at gcc dot gnu.org
@ 2020-09-03 13:39 ` msebor at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: msebor at gcc dot gnu.org @ 2020-09-03 13:39 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96916

--- Comment #3 from Martin Sebor <msebor at gcc dot gnu.org> ---
For strndup POSIX mentions the following application usage:

Implementations are free to malloc() a buffer containing either (size + 1)
bytes or (strnlen(s, size) + 1) bytes. Applications should not assume that
strndup() will allocate ( size + 1) bytes when strlen(s) is smaller than size.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2020-09-03 13:39 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-03  9:58 [Bug c/96916] New: warning: ‘strndup’ specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=] rjones at redhat dot com
2020-09-03 10:56 ` [Bug c/96916] " rguenth at gcc dot gnu.org
2020-09-03 13:31 ` msebor at gcc dot gnu.org
2020-09-03 13:39 ` msebor at gcc dot gnu.org

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).