On Fri, 2017-09-15 at 13:14 +0200, Mark Wielaard wrote: > When compiling with -O3 gcc finds an interesting error: > > src/ar.c: In function ‘do_oper_insert’: > src/ar.c:1077:56: error: ‘%-*ld’ directive output may be truncated > writing between 6 and 10 bytes into a region of size 7 [- > Werror=format-truncation=] > snprintf (tmpbuf, sizeof (tmpbuf), ofmt ? "%-*lo" : "%-*ld", > bufsize, val); > ^~~~~ > The problem is that the ar header values have to fit in a limited > (not zero terminated) string. We should check the snprintf return > value to see if the values are representable. > > Also make ar valgrind and ubsan clean and add a minimal sanity test.
I pushed this to master.
