https://bugs.kde.org/show_bug.cgi?id=401284

--- Comment #11 from Mark Wielaard <m...@klomp.org> ---
(In reply to Paul Floyd from comment #9)
> >                       src_orig,  \
> >                       (Addr)dst-(Addr)dst_orig+1, \
> > -                     (Addr)src-(Addr)src_orig+1)) \
> > +                     n)) \
> >           RECORD_OVERLAP_ERROR("strncat", dst_orig, src_orig, n); \
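Review bot: on the `+` line, passing n as the source length makes the overlap check assume strncat always reads n bytes of src, but it stops at the first NUL, so a source shorter than n would be checked over bytes that are never read and RECORD_OVERLAP_ERROR could fire spuriously. Keep the computed `(Addr)src-(Addr)src_orig+1`, matching the destination length on the line above, which is still derived from the pointers.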
> 
> We need to keep the calculated lengths - either or both strings can be shorter
> than n.

ah, yes. Thanks for double checking and pushing this fix through.
I think what you pushed is correct.

But I think in general "overlap" in these string functions is not well defined
because it isn't always clear if the NUL terminator is part of the
string/operation or not (like in this case). And for code that does what this
example code does the mem/byte functions are more clear.

BTW, gcc 13 does produce a pretty clear warning for this code if we help it
see the exact length:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(int argc, char* argv[])
{
  size_t len = strlen(argv[1]);
  if (len == 7) {
    char*  buf = (char*) malloc(2 * len + 1);
    memcpy(buf, argv[1], len + 1);
    strncat(buf + len, buf, len);
    printf("%s\n", buf);
    free(buf);
  }
  return 0;
}

$ gcc -g -O2 -Wall -o vbug vbug.c 
vbug.c: In function ‘main’:
vbug.c:11:5: warning: ‘strncat’ output truncated before terminating nul copying
7 bytes from a string of the same length [-Wstringop-truncation]
   11 |     strncat(buf + len, buf, len);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~

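The NUL ambiguity described in the comment above can be made concrete by computing the byte ranges of a strncat call under both readings. This is an added example, not code from the bug report or from Valgrind; `ranges_overlap` and `strncat_overlaps` are hypothetical helper names, and the input string is constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Do the half-open byte ranges [a, a+alen) and [b, b+blen) intersect? */
static bool ranges_overlap(const void *a, size_t alen,
                           const void *b, size_t blen)
{
    uintptr_t pa = (uintptr_t)a, pb = (uintptr_t)b;
    return alen && blen && pa < pb + blen && pb < pa + alen;
}

/*
 * Hypothetical helper: would strncat(dst, src, n) touch overlapping bytes?
 * src_nul_always = true  : the byte after the copied characters always
 *                          counts as part of the source.
 * src_nul_always = false : it counts only when a NUL was found within the
 *                          first n bytes, i.e. when strncat must have read it.
 * Only reads memory; dst and src must be valid NUL-terminated strings.
 */
bool strncat_overlaps(const char *dst, const char *src, size_t n,
                      bool src_nul_always)
{
    const char *nul = memchr(src, '\0', n);
    size_t copied = nul ? (size_t)(nul - src) : n;
    size_t src_len = copied + ((nul || src_nul_always) ? 1 : 0);
    /* dst is scanned to its NUL, then copied bytes plus a NUL are written */
    size_t dst_len = strlen(dst) + copied + 1;
    return ranges_overlap(dst, dst_len, src, src_len);
}

int main(void)
{
    char buf[16] = "abcdefg";   /* constructed input, len == 7 */
    size_t len = strlen(buf);
    /* Same call shape as the report: strncat(buf + len, buf, len) */
    printf("NUL not counted: %d\n", strncat_overlaps(buf + len, buf, len, false));
    printf("NUL counted:     %d\n", strncat_overlaps(buf + len, buf, len, true));
    return 0;
}
```

For the call in the report the two readings disagree: the only shared byte is the source's terminator at `buf + len`, which is also the first byte the destination write replaces.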