From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-return-198585-listarch-gcc=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 2978 invoked by alias); 25 Mar 2019 16:39:49 -0000
Mailing-List: contact gcc-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc/>
List-Post: <mailto:gcc@gcc.gnu.org>
List-Help: <http://gcc.gnu.org/ml/>
Sender: gcc-owner@gcc.gnu.org
Received: (qmail 2958 invoked by uid 89); 25 Mar 2019 16:39:48 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-4.3 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.1 spammy=H*f:sk:ba0c56f, H*i:sk:ba0c56f, detect
X-HELO: mail-qk1-f178.google.com
Received: from mail-qk1-f178.google.com (HELO mail-qk1-f178.google.com) (209.85.222.178) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 25 Mar 2019 16:39:46 +0000
Received: by mail-qk1-f178.google.com with SMTP id y5so5710405qkc.11        for <gcc@gcc.gnu.org>; Mon, 25 Mar 2019 09:39:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;        d=gmail.com; s=20161025;        h=subject:to:references:from:message-id:date:user-agent:mime-version         :in-reply-to:content-language:content-transfer-encoding;        bh=71MZN/F8yjav87wonJqb0bkNeTdmGRoMlpiMHWTSvts=;        b=gQ33f48zsfR04a+vTr51WWASgxx6E1AaXGEC7J50mwb40uDFBMsw8lcPHRu/fS8TAp         TKxXVnXreB2tST5EzExPJsuRAA7QSwKurCYejp08hs0QO5VTG9hY350bJ19p8P163kbP         8mxSkrqdRqvPOXPSsrNKBYfRf9Q1CIriFaz5gANtH61a1WBDaGyq55xpaPVm4MsS8Nam         1mEgstJ90mcsV0lnUurN0uDMD3GXmOgfN8wV73khlXWnDin82mWAC58N3QvrOT60haqC         4kAn5xaNg6f2T54pfj2dxB5KOdMjDbOy24mbRBzUAwHWShsIYfNynvVDTFXzzFd3kdl7         0cYQ==
Return-Path: <msebor@gmail.com>
Received: from [192.168.0.41] (75-166-119-163.hlrn.qwest.net. [75.166.119.163])        by smtp.gmail.com with ESMTPSA id n5sm6376147qkk.4.2019.03.25.09.39.43        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);        Mon, 25 Mar 2019 09:39:43 -0700 (PDT)
Subject: Re: Warning in gcc/libiberty/dyn-string.c during build
To: nick <xerofoify@gmail.com>, GCC Development <gcc@gcc.gnu.org>
References: <ba0c56f7-2d35-d3f5-d706-98cb11fcc205@gmail.com>
From: Martin Sebor <msebor@gmail.com>
Message-ID: <975ea136-c15b-c93b-9e0d-927a2ffa2844@gmail.com>
Date: Mon, 25 Mar 2019 16:39:00 -0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.3.1
MIME-Version: 1.0
In-Reply-To: <ba0c56f7-2d35-d3f5-d706-98cb11fcc205@gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-IsSubscribed: yes
X-SW-Source: 2019-03/txt/msg00199.txt.bz2

On 3/23/19 9:49 PM, nick wrote:
> Greetings all,
> I just got this in my build output:
> ar: `u' modifier ignored since `D' is the default (see `U')
> configure: WARNING: cannot check for properly working vsnprintf when cross compiling, will assume it's ok
> ../../gcc/libiberty/dyn-string.c: In function ‘dyn_string_insert_cstr’:
>   ../../gcc/libiberty/dyn-string.c:280:3: warning: ‘strncpy’ output truncated before terminating nul copying as many bytes from a string as its length [-Wstringop-truncation]
>   strncpy (dest->s + pos, src, length);
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>   ../../gcc/libiberty/dyn-string.c:272:16: note: length computed here
> 272 |   int length = strlen (src);
> |                ^~~~~~~~~~~~
>   ../../gcc/libiberty/dyn-string.c: In function ‘dyn_string_insert_cstr’:
> \ ../../gcc/libiberty/dyn-string.c:280:3: warning: ‘strncpy’ output truncated before terminating nul copying as many bytes from a string as its length [-Wstringop-truncation]
> 280 |   strncpy (dest->s + pos, src, length);
> |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>   ../../gcc/libiberty/dyn-string.c:272:16: note: length computed here
> 272 |   int length = strlen (src);
> |                ^~~~~~~~~~~~
> 
> I've already looked through git blame and it seems this code was last touched in 2000. That warning seems
> to be  new to gcc 8 after a little research so is this a rather old bug that was not found and very
> subtle or is this a mislabel. Seems to be a mislabel to me but I'm new to the code base so just thought
> I would ask.

The warning detects strncpy calls that create unterminated string
copies.  That can happen for example when the function is misused
by specifying a bound that's equal to the length of the source,
as in:

   void f (char *d, const char *s)
   {
     int n = strlen (s);
     strncpy (d, s, n);
   }

But the warning is far from perfect and it cannot distinguish
all the incorrect misuses from the benign ones.  For instance,
it triggers in the case below even though the copy is nul
terminated:

   void g (char *d, const char *s)
   {
     int n = strlen (s);
     d[n] = 0;
     strncpy (d, s, n);
   }

In dyn_string_insert_cstr(), although the strnlen call itself
doesn't nul-terminate the copy (and so the warning isn't strictly
incorrect), the loop before the call does make sure the copy is
nul-terminated (similarly to function g above), and so the result
is a valid nul-terminated string.

I've been working on improving the warning to detect more instances
of nul-termination but I don't expect it to ever be smart enough
to figure out cases as complex as this one.  Using memcpy instead
of strncpy would avoid the warning.  (The loop above the strncpy
call could also be replaced by a call to memmove for efficiency.)

Martin