https://gcc.gnu.org/bugzilla/show_bug.cgi?id=122963

            Bug ID: 122963
           Summary: -Wstrncat: New diagnostic option
           Product: gcc
           Version: 16.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: [email protected]
  Target Milestone: ---

Please move diagnostics related to strncat(3) to a separate diagnostic flag.
They are dubious, as they diagnose valid uses of strncat(3), and don't diagnose
those that are dubious.

Having the diagnostics under -Wstringop-overflow and -Wsizeof-pointer-memaccess
is dangerous, as those flags are otherwise very important (especially
-Wstringop-overflow).

These false positives force some programmers to turn off the diagnostics entirely,
which is bad.


alx@devuan:~/tmp$ cat s.c 
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int
main(void)
{
        char    buf[BUFSIZ];
        size_t  len;

        buf[0] = '\0';  // There’s no ’cpy’ function to this ’cat’.
        strncat(buf, "Hello ", 6);
        strncat(buf, "world", 42);
        strncat(buf, "!", sizeof("!"));
        len = strlen(buf);
        printf("[len = %zu]: <%s>\n", len, buf);

        exit(EXIT_SUCCESS);
}
alx@devuan:~/tmp$ gcc -Wall -Wextra s.c 
s.c: In function ‘main’:
s.c:14:33: warning: argument to ‘sizeof’ in ‘strncat’ call is the same
expression as the source; did you mean to use the size of the destination?
[-Wsizeof-pointer-memaccess]
   14 |         strncat(buf, "!", sizeof("!"));
      |                                 ^
s.c:12:9: warning: ‘strncat’ specified bound 6 equals source length
[-Wstringop-overflow=]
   12 |         strncat(buf, "Hello ", 6);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~


See also:
<https://inbox.sourceware.org/gcc/[email protected]/T/>
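
An added example, not part of the bug report or of GCC: a check of how many bytes strncat(3) writes, run over the report's three calls and over a constructed call whose bound is the destination size. The helper names bounded_len, strncat_fits and replay_report and the 8-byte dst buffer are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: length of s, looking at no more than max bytes. */
static size_t bounded_len(const char *s, size_t max)
{
    size_t i = 0;
    while (i < max && s[i] != '\0')
        i++;
    return i;
}

/* Hypothetical helper: 1 if strncat(dst, src, n) stays inside dst[dstsize].
 * strncat reads at most n bytes of src and then always writes a NUL, so it
 * needs min(n, strlen(src)) + 1 free bytes after the current end of dst. */
static int strncat_fits(const char *dst, size_t dstsize, const char *src, size_t n)
{
    size_t used = bounded_len(dst, dstsize);
    if (used == dstsize)
        return 0;                   /* dst is not terminated in bounds */
    return bounded_len(src, n) + 1 <= dstsize - used;
}

/* Replays the report's three calls into buf[size]; returns the final string
 * length, or -1 if one of the calls would write past the buffer. */
static long replay_report(char *buf, size_t size)
{
    static const struct { const char *src; size_t n; } calls[] = {
        { "Hello ", 6 }, { "world", 42 }, { "!", sizeof("!") },
    };
    if (size == 0) return -1;
    buf[0] = '\0';
    for (size_t i = 0; i < sizeof calls / sizeof calls[0]; i++) {
        if (!strncat_fits(buf, size, calls[i].src, calls[i].n))
            return -1;
        strncat(buf, calls[i].src, calls[i].n);
    }
    return (long)strlen(buf);
}

int main(void)
{
    char buf[64], dst[8] = "abcde";     /* constructed: 5 used, 3 free */
    printf("report calls -> %ld\n", replay_report(buf, sizeof buf));
    /* Bound taken from the destination size: needs 5 bytes, only 3 free. */
    printf("sizeof(dst) bound fits -> %d\n",
           strncat_fits(dst, sizeof dst, "wxyz", sizeof dst));
    return 0;
}
```

The three calls from the report fit in any buffer of 13 bytes or more, while the constructed call bounded by sizeof(dst) does not fit, because the bound limits bytes read from the source and says nothing about the space left in the destination.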
