Hello Michal,
Thank you for reporting this.
Michal Ambroz wrote:
during compilation of ddrescue 1.27 suggests couple of places which
potentially might result in some buffer overflow.
Not a "couple of places". Just one at main_common.cc:278, included from
main.cc:162 and from ddrescuelog.cc:107.
main_common.cc:278:28: warning: '%lld' directive output may be truncated
writing between 1 and 20 bytes into a region of size 16 [-Wformat-truncation]
278 | snprintf( buf, bufsize, "%lld %s", num, p );
| ^~~~
main_common.cc:278:27: note: directive argument in the range
[-9223372036854775807, 9223372036854775807]
This is neither a buffer overflow nor a format truncation. It is a false
warning because the absolute value of 'num' can't be larger than six digits
with a 64-bit 'long long'.
It seems that GCC should either become more clever and check the actual (not
the potential) range, or better yet, revert to the old behavior of assuming
that if the programmer uses snprintf with a buffer of a given size it is
because he wants that size.
Or are we supposed to waste memory allocating a buffer larger than
needed/wanted just to shut up the compiler?
BTW, just one month ago, this same warning in another function was
reported[1]. I "fixed" that by increasing the size of the buffer, but now
I'm questioning myself if it is wise to increase the size of all buffers
just to shut up current compilers.
[1] http://lists.gnu.org/archive/html/bug-ddrescue/2022-12/msg00002.html
Best regards,
Antonio.
