https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92942
Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
   Target Milestone|---                         |11.0
           See Also|                            |https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97342
             Status|ASSIGNED                    |RESOLVED

--- Comment #4 from Martin Sebor <msebor at gcc dot gnu.org> ---
The patch referenced in comment #2 was never reviewed but the bug was resolved
by the improvements to compute_objsize() committed as part of the fix for
pr97342.  GCC 11 detects both buffer overflows:

$ gcc -O2 -S -Wall pr92942.c
pr92942.c: In function ‘f’:
pr92942.c:10:3: warning: ‘__builtin_memcpy’ writing 6 bytes into a region of size between 0 and 3 [-Wstringop-overflow=]
   10 |   strcpy (p, "12345");   // buffer overflow detected
      |   ^~~~~~~~~~~~~~~~~~~
pr92942.c:9:13: note: at offset 0 to an object with size at most 3 allocated by ‘malloc’ here
    9 |   void *p = malloc (n);
      |             ^~~~~~~~~~
pr92942.c: In function ‘g’:
pr92942.c:20:3: warning: ‘__builtin_memcpy’ writing 6 bytes into a region of size between 0 and 3 [-Wstringop-overflow=]
   20 |   strcpy (p, "12345");   // buffer overflow not detected
      |   ^~~~~~~~~~~~~~~~~~~
pr92942.c:19:13: note: at offset 0 to an object with size at most 3 allocated by ‘malloc’ here
   19 |   void *p = malloc (n);
      |             ^~~~~~~~~~