https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78673
Bug ID: 78673
Summary: sprintf missing attribute nonnull on destination
argument
Product: gcc
Version: 7.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---
Thew first argument of the sprintf function designates the destination into
which the function writes the formatted output followed a terminating nul
character. Thus the argument must be a non-null pointer. The declarations of
GCC sprintf built-ins (sprintf, vsprintf, and their checking counterparts) are
missing attribute nonnull on their first argument. The test case below shows
that the built-ins do have the attribute on the format argument (hence the
-Wnonnull warning). It also shows that the -Wformat-length option duplicates
the warning in the null pointer constant cases.
$ cat a.c && gcc -S -Wall -Wextra -Wpedantic a.c
void f0 (char *d)
{
__builtin_sprintf (d, (char*)0);
}
void f1 (void)
{
__builtin_sprintf ((char*)0, "%i", 1); // missing warning
}
void f2 (char *d, __builtin_va_list va)
{
__builtin_vsprintf (d, (char*)0, va);
}
void f3 (__builtin_va_list va)
{
__builtin_vsprintf ((char*)0, "%i", va); // missing warning
}
void f4 (char *d, unsigned n)
{
__builtin___sprintf_chk (d, 0, n, (char*)0);
}
void f5 (unsigned n)
{
__builtin___sprintf_chk ((char*)0, 0, n, "%i", 1); // missing warning
}
void f6 (char *d, unsigned n, __builtin_va_list va)
{
__builtin___vsprintf_chk (d, 0, n, (char*)0, va);
}
void f7 (unsigned n, __builtin_va_list va)
{
__builtin___vsprintf_chk ((char*)0, 0, n, "%i", va); // missing warning
}
a.c: In function ‘f0’:
a.c:3:3: warning: null argument where non-null required (argument 2)
[-Wnonnull]
__builtin_sprintf (d, (char*)0);
^~~~~~~~~~~~~~~~~
a.c: In function ‘f2’:
a.c:13:3: warning: null argument where non-null required (argument 2)
[-Wnonnul]
__builtin_vsprintf (d, (char*)0, va);
^~~~~~~~~~~~~~~~~~
a.c:13:3: warning: too many arguments for format [-Wformat-extra-args]
a.c: In function ‘f4’:
a.c:23:3: warning: null argument where non-null required (argument 4)
[-Wnonnul]
__builtin___sprintf_chk (d, 0, n, (char*)0);
^~~~~~~~~~~~~~~~~~~~~~~
a.c: In function ‘f6’:
a.c:33:3: warning: null argument where non-null required (argument 4)
[-Wnonnul]
__builtin___vsprintf_chk (d, 0, n, (char*)0, va);
^~~~~~~~~~~~~~~~~~~~~~~~
a.c:33:3: warning: too many arguments for format [-Wformat-extra-args]
a.c: In function ‘f0’:
a.c:1:6: warning: null format string [-Wformat-length=]
void f0 (char *d)
^~
a.c: In function ‘f2’:
a.c:11:6: warning: null format string [-Wformat-length=]
void f2 (char *d, __builtin_va_list va)
^~
a.c: In function ‘f4’:
a.c:21:6: warning: null format string [-Wformat-length=]
void f4 (char *d, unsigned n)
^~
a.c: In function ‘f6’:
a.c:31:6: warning: null format string [-Wformat-length=]
void f6 (char *d, unsigned n, __builtin_va_list va)
^~
