https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78138
Bug ID: 78138
Summary: missing warnings on buffer overflow with non-constant source length
Product: gcc
Version: 7.0
Status: UNCONFIRMED
Severity: enhancement
Priority: P3
Component: middle-end
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---

This is just a record of a limitation addressed in a patch already posted for review (https://gcc.gnu.org/ml/gcc-patches/2016-10/msg02308.html).

In the following program the calls to strcpy and memcpy clearly overflow, even though the exact size of the source sequence in each case isn't known. It would be helpful if GCC detected this overflow and issued a warning at compile time, rather than having the compiled program crash at runtime.

$ cat b.c && for o in "" -DCHK=1; do /build/gcc-git/gcc/xgcc -B /build/gcc-git/gcc $o -O2 -S b.c; done
char d [5];

#ifdef CHK
#  define bos(p, t) __builtin_object_size (d, t)
#  define memcpy(d, s, n) __builtin___memcpy_chk (d, s, n, bos (d, 1))
#  define strcpy(d, s) __builtin___strcpy_chk (d, s, bos (d, 1))
#else
void* memcpy (void*, const void*, unsigned long);
extern char* strcpy (char*, const char*);
#endif

void f (int i, int j)
{
  strcpy (d, j ? "12345" : "123456");
}

void g (void *p)
{
  extern unsigned n;
  if (n < 17 || 32 < n) n = 7;
  memcpy (d, p, n);
};
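
The reasoning behind the requested warning, as an added example that is not part of the original report and not GCC's implementation: the copy size is known only as a set of possible values, and when even the smallest one exceeds the destination size, every execution overflows. The names classify, check_strcpy, check_memcpy and clamp_like_g, and the sampled values of n, are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

enum verdict { COPY_FITS, COPY_MAY_OVERFLOW, COPY_ALWAYS_OVERFLOWS };

/* Classify a copy whose byte count is one of sizes[0..count-1] (count >= 1). */
enum verdict classify(size_t dst_size, const size_t *sizes, size_t count)
{
    size_t min_n = sizes[0], max_n = sizes[0];
    for (size_t i = 1; i < count; i++) {
        if (sizes[i] < min_n) min_n = sizes[i];
        if (sizes[i] > max_n) max_n = sizes[i];
    }
    if (min_n > dst_size) return COPY_ALWAYS_OVERFLOWS; /* every path overflows */
    if (max_n > dst_size) return COPY_MAY_OVERFLOW;     /* some path overflows */
    return COPY_FITS;
}

/* strcpy writes strlen(src) + 1 bytes; a and b are the two arms of the ?: in f(). */
enum verdict check_strcpy(size_t dst_size, const char *a, const char *b)
{
    size_t sizes[] = { strlen(a) + 1, strlen(b) + 1 };
    return classify(dst_size, sizes, 2);
}

/* Same clamp as g() in the report: n stays in [17, 32] or becomes 7. */
unsigned clamp_like_g(unsigned n)
{
    if (n < 17 || 32 < n) n = 7;
    return n;
}

/* memcpy writes n bytes; the inputs are constructed around the clamp's boundaries. */
enum verdict check_memcpy(size_t dst_size)
{
    static const unsigned samples[] = { 0, 1, 16, 17, 24, 32, 33, 4096 };
    size_t sizes[sizeof samples / sizeof *samples];
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
        sizes[i] = clamp_like_g(samples[i]);
    return classify(dst_size, sizes, sizeof samples / sizeof *samples);
}

int main(void)
{
    printf("strcpy: %d, memcpy: %d\n", check_strcpy(5, "12345", "123456"), check_memcpy(5));
    return 0;
}
```

For the 5-byte destination in the report both calls come out as COPY_ALWAYS_OVERFLOWS: strcpy writes 6 or 7 bytes, and memcpy writes 7 or between 17 and 32 bytes.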