[Bug c/71501] missing warning on printf %s with a non-nul terminated string
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71501 Martin Sebor changed: What|Removed |Added Known to fail||4.8.5, 4.9.4, 5.4.0, 6.4.0, ||7.3.0, 8.2.0, 9.0 --- Comment #4 from Martin Sebor --- GCC 8 and 9 detect the unterminated strncpy call but not yet passing the result to printf. I'm hoping to do it in GCC 10. $ gcc -O2 -S -Wall pr71501.c pr71501.c: In function ‘main’: pr71501.c:7:9: warning: unused variable ‘n’ [-Wunused-variable] char *n = "12345"; ^ pr71501.c:9:3: warning: ‘strncpy’ output truncated before terminating nul copying 5 bytes from a string of the same length [-Wstringop-truncation] strncpy(c, "12345", 5); ^~ GCC 9 detects some very simple cases of passing unterminated arrays to printf: $ cat z.c && gcc -O2 -S -Wall z.c const char a[] = { '1', '2', '3' }; void f (void) { __builtin_printf ("%s", a); } z.c: In function ‘f’: z.c:5:22: warning: ‘%s’ directive argument is not a nul-terminated string [-Wformat-overflow=] 5 | __builtin_printf ("%s", a); | ^~ ~ z.c:1:12: note: referenced argument declared here 1 | const char a[] = { '1', '2', '3' }; |^
[Bug c/71501] missing warning on printf %s with a non-nul terminated string
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71501 Martin Sebor changed: What|Removed |Added CC||prathamesh3492 at gcc dot gnu.org --- Comment #3 from Martin Sebor --- *** Bug 83959 has been marked as a duplicate of this bug. ***
[Bug c/71501] missing warning on printf %s with a non-nul terminated string
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71501 Bug 71501 depends on bug 49905, which changed state. Bug 49905 Summary: Better sanity checking on sprintf src & dest to produce warning for dodgy code ? https://gcc.gnu.org/bugzilla/show_bug.cgi?id=49905 What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |FIXED
[Bug c/71501] missing warning on printf %s with a non-nul terminated string
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71501 Bug 71501 depends on bug 49905, which changed state. Bug 49905 Summary: Better sanity checking on sprintf src & dest to produce warning for dodgy code ? https://gcc.gnu.org/bugzilla/show_bug.cgi?id=49905 What|Removed |Added Status|RESOLVED|REOPENED Resolution|FIXED |---
[Bug c/71501] missing warning on printf %s with a non-nul terminated string
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71501 Bug 71501 depends on bug 49905, which changed state. Bug 49905 Summary: Better sanity checking on sprintf src & dest to produce warning for dodgy code ? https://gcc.gnu.org/bugzilla/show_bug.cgi?id=49905 What|Removed |Added Status|ASSIGNED|RESOLVED Resolution|--- |FIXED
[Bug c/71501] missing warning on printf %s with a non-nul terminated string
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71501 Martin Sebor changed: What|Removed |Added Keywords||diagnostic Status|UNCONFIRMED |NEW Last reconfirmed||2016-06-11 CC||msebor at gcc dot gnu.org Depends on||49905, 71296 Summary|printf %s error on str[5], |missing warning on printf |for example: strncpy(str, |%s with a non-nul |"12345", 5) |terminated string Ever confirmed|0 |1 Severity|normal |enhancement --- Comment #2 from Martin Sebor --- Right, the test case is invalid. But it would be helpful if GCC issued a warning for it. With optimization, tree-ssa-strlen.c is able to detect that the array created by strncpy isn't NUL-terminated. Printf should be able to use that information to diagnose its use in a %s directive. The latter depends on bug 49905 being resolved in a smart way, and on __builtin_printf being hooked into the strlen optimization. Similarly, other string manipulation functions should be able to detect the same problem (this part is the subject of bug 71296). Since this is related to something I'm investigating I'll take the liberty to confirm this report as an enhancement request for such a warning. Referenced Bugs: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=49905 [Bug 49905] Better sanity checking on sprintf src & dest to produce warning for dodgy code ? https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71296 [Bug 71296] missing warning on strcat appending to a non-string