[Bug c/67729] -Wformat should warn for %Ns where the buffer size is known to be less than N in size
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67729

--- Comment #5 from David Binderman ---
I just noticed that clang-16.0.6 now implements this check:

$ clang++ -c -g -O2 -Wall -Wextra -Wformat=2 -D_FORTIFY_SOURCE=2 sep9a.cc
sep9a.cc:13:29: warning: 'fscanf' may overflow; destination buffer in argument 3 has size 10, but the corresponding specifier may require size 11 [-Wfortify-source]
        while (fscanf( fp, "%10s", buf))
                                   ^
sep9a.cc:17:29: warning: 'fscanf' may overflow; destination buffer in argument 3 has size 10, but the corresponding specifier may require size 21 [-Wfortify-source]
        while (fscanf( fp, "%20s", buf))
                                   ^
2 warnings generated.
$

Still nothing from gcc:

$ ~/gcc/results/bin/g++ -c -g -O2 -Wall -Wextra -Wformat=2 -D_FORTIFY_SOURCE=2 sep9a.cc
$
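The size rule behind the clang diagnostic quoted in comment #5, as an added example that is not part of the bug report and is not GCC or clang code: a %Ns conversion may store N characters plus a terminating NUL, so it needs N + 1 bytes. The helper names scanf_str_need and scanf_str_fits are hypothetical, and the input string is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bytes the first assigning %s or %[ conversion in a scanf format may store:
 * field width N plus one for the terminating NUL. Returns SIZE_MAX when that
 * conversion has no width (unbounded) and 0 when there is none. Wide (%ls)
 * conversions are not handled. */
size_t scanf_str_need(const char *fmt)
{
    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        if (*++p == '%')
            continue;                 /* "%%" is a literal percent sign */
        int suppressed = (*p == '*'); /* "%*s" stores nothing */
        if (suppressed)
            p++;
        size_t width = 0;
        int has_width = 0;
        for (; *p >= '0' && *p <= '9'; p++, has_width = 1)
            width = width * 10 + (size_t)(*p - '0');
        if (*p == '\0')
            break;
        if ((*p == 's' || *p == '[') && !suppressed)
            return has_width ? width + 1 : SIZE_MAX;
    }
    return 0;
}

/* Nonzero when a buffer of bufsize bytes can hold what fmt may store. */
int scanf_str_fits(const char *fmt, size_t bufsize)
{
    return scanf_str_need(fmt) <= bufsize;
}

int main(void)
{
    char buf[10];
    const char *fmts[] = { "%10s", "%20s", "%9s" };
    for (size_t i = 0; i < sizeof fmts / sizeof fmts[0]; i++)
        printf("%-5s needs %zu bytes, buf has %zu: %s\n", fmts[i],
               scanf_str_need(fmts[i]), sizeof buf,
               scanf_str_fits(fmts[i], sizeof buf) ? "ok" : "may overflow");
    /* Constructed input longer than buf; "%9s" stops after 9 characters. */
    if (sscanf("AAAAAAAAAAAAAAAAAAAA", "%9s", buf) == 1)
        printf("read \"%s\" into buf\n", buf);
    return 0;
}
```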
[Bug c/67729] -Wformat should warn for %Ns where the buffer size is known to be less than N in size
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67729

Martin Sebor changed:

           What    |Removed                     |Added
           See Also|                            |https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72783

--- Comment #4 from Martin Sebor ---
This looks like a near dupe of bug 72783 (or vice versa), though not exactly the same. That one asks for hardening which will be harder. Warning should be a lot easier.

The file where -Wformat-overflow is implemented for sprintf et al. is gimple-ssa-sprintf.c. -Wformat alone is handled in c-family/c-format.c but that's not a good place to do buffer overflow checking (it runs too early to have knowledge of object sizes in all but the most trivial cases).
[Bug c/67729] -Wformat should warn for %Ns where the buffer size is known to be less than N in size
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67729

Eric Gallager changed:

           What    |Removed                     |Added
                 CC|                            |egallager at gcc dot gnu.org, msebor at gcc dot gnu.org

--- Comment #3 from Eric Gallager ---
Martin should probably know.
[Bug c/67729] -Wformat should warn for %Ns where the buffer size is known to be less than N in size
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67729

--- Comment #2 from David Binderman ---
Three years later, enhancement not implemented.

See https://sourceware.org/bugzilla/show_bug.cgi?id=23490 for an example where glibc would have benefited from this enhancement.

If someone can give me a clue which source code file / function to look at, then I'd be happy to have a look myself.
[Bug c/67729] -Wformat should warn for %Ns where the buffer size is known to be less than N in size
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67729

Andrew Pinski changed:

           What    |Removed                     |Added
           Keywords|                            |diagnostic
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2016-01-14
            Summary|scanf is missing buffer length sanity check ? |-Wformat should warn for %Ns where the buffer size is known to be less than N in size
     Ever confirmed|0                           |1
           Severity|normal                      |enhancement

--- Comment #1 from Andrew Pinski ---
Confirmed.