https://gcc.gnu.org/g:8c80fc106482dd38c09f0e5a45b6d4dcb3498e50
commit r16-313-g8c80fc106482dd38c09f0e5a45b6d4dcb3498e50 Author: David Malcolm <dmalc...@redhat.com> Date: Wed Apr 30 16:50:16 2025 -0400 analyzer: add more test coverage for sprintf gcc/testsuite/ChangeLog: PR analyzer/107017 * c-c++-common/analyzer/sprintf-3.c: New test, covering use of sprintf with specific format strings. Doesn't yet find problems as the analyzer doesn't yet understand the format strings. Signed-off-by: David Malcolm <dmalc...@redhat.com> Diff:
---
gcc/testsuite/c-c++-common/analyzer/sprintf-3.c | 44 +++++++++++++++++++++++++
1 file changed, 44 insertions(+)
diff --git a/gcc/testsuite/c-c++-common/analyzer/sprintf-3.c b/gcc/testsuite/c-c++-common/analyzer/sprintf-3.c
new file mode 100644
index 000000000000..ac5169e71b87
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/analyzer/sprintf-3.c
@@ -0,0 +1,44 @@
+/* See e.g. https://en.cppreference.com/w/c/io/fprintf
+ and https://www.man7.org/linux/man-pages/man3/sprintf.3.html */
+
+extern int
+sprintf(char* dst, const char* fmt, ...)
+ __attribute__((__nothrow__));
+
+#include "../../gcc.dg/analyzer/analyzer-decls.h"
+
+void test_text_ok (void)
+{
+ char buf[16];
+ sprintf (buf, "hello world");
+}
+
+void test_text_oob (void)
+{
+ char buf[3];
+ sprintf (buf, "hello world"); /* { dg-warning "out-of-bounds" "PR analyzer/107017" { xfail *-*-* } } */
+}
+
+void test_percent_s_ok (void)
+{
+ char buf[16];
+ sprintf (buf, "%s", "foo");
+}
+
+void test_percent_s_oob (void)
+{
+ char buf[3];
+ sprintf (buf, "%s", "foo"); /* { dg-warning "out-of-bounds" "PR analyzer/107017" { xfail *-*-* } } */
+}
+
+void test_percent_i_ok (void)
+{
+ char buf[16];
+ sprintf (buf, "%i", "42");
+}
+
+void test_percent_i_oob (void)
+{
+ char buf[4];
+ sprintf (buf, "%i", "1066"); /* { dg-warning "out-of-bounds" "PR analyzer/107017" { xfail *-*-* } } */
+}
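Review bot: In test_percent_i_ok and test_percent_i_oob the `%i` conversion is given a string literal (`"42"`, `"1066"`) rather than an int, so the argument type does not match the format and the call has undefined behaviour instead of a known output length. Presumably the intent was `sprintf (buf, "%i", 42);` and `sprintf (buf, "%i", 1066);`, where the second writes four digits plus the terminating NUL into `char buf[4]`. As written, the xfail'd out-of-bounds expectation would not exercise that one-byte overflow once the analyzer learns to model format strings. A short comment on each *_oob case stating the expected byte count (e.g. `/* 4 digits + NUL > sizeof (buf) */`) would also make the boundary being tested explicit.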