[clang] 1a29a23 - [Clang][Sema] Add fortify warnings for strcat (#168965)

Fri, 21 Nov 2025 11:15:42 -0800 

Author: venk-ks
Date: 2025-11-21T11:15:28-08:00
New Revision: 1a29a2359b70f1bb4141324162dcfe4d27a6f026

URL: 
https://github.com/llvm/llvm-project/commit/1a29a2359b70f1bb4141324162dcfe4d27a6f026
DIFF: 
https://github.com/llvm/llvm-project/commit/1a29a2359b70f1bb4141324162dcfe4d27a6f026.diff

LOG: [Clang][Sema] Add fortify warnings for strcat (#168965)

Continue to add fortify warnings that are missing in Clang for string
functions as part of #142230

Added: 
    

Modified: 
    clang/lib/Sema/SemaChecking.cpp
    clang/test/Sema/warn-fortify-source.c

Removed: 
    


################################################################################
diff  --git a/clang/lib/Sema/SemaChecking.cpp b/clang/lib/Sema/SemaChecking.cpp
index 3e1edc4548034..f4e58de91286b 100644
--- a/clang/lib/Sema/SemaChecking.cpp
+++ b/clang/lib/Sema/SemaChecking.cpp
@@ -1263,6 +1263,8 @@ void 
Sema::checkFortifiedBuiltinMemoryFunction(FunctionDecl *FD,
   switch (BuiltinID) {
   default:
     return;
+  case Builtin::BI__builtin_strcat:
+  case Builtin::BIstrcat:
   case Builtin::BI__builtin_stpcpy:
   case Builtin::BIstpcpy:
   case Builtin::BI__builtin_strcpy:
@@ -1273,6 +1275,7 @@ void 
Sema::checkFortifiedBuiltinMemoryFunction(FunctionDecl *FD,
     break;
   }
 
+  case Builtin::BI__builtin___strcat_chk:
   case Builtin::BI__builtin___stpcpy_chk:
   case Builtin::BI__builtin___strcpy_chk: {
     DiagID = diag::warn_fortify_strlen_overflow;

diff  --git a/clang/test/Sema/warn-fortify-source.c 
b/clang/test/Sema/warn-fortify-source.c
index 216878c0836d8..750bd5361ade9 100644
--- a/clang/test/Sema/warn-fortify-source.c
+++ b/clang/test/Sema/warn-fortify-source.c
@@ -76,6 +76,14 @@ void call_strcpy_nowarn(void) {
   __builtin_strcpy(dst, src);
 }
 
+void call_strcat(void) {
+  const char *const src = "abcd";
+  char dst1[5];
+  char dst2[4];
+  __builtin_strcat(dst1, src);
+  __builtin_strcat(dst2, src); // expected-warning {{'strcat' will always 
overflow; destination buffer has size 4, but the source string has length 5 
(including NUL byte)}}
+}
+
 void call_stpcpy(void) {
   const char *const src = "abcd";
   char dst1[5];


        
_______________________________________________
cfe-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

Reply via email to