https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81117
Martin Sebor <msebor at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |diagnostic
Status|UNCONFIRMED |NEW
Last reconfirmed| |2017-06-17
CC| |msebor at gcc dot gnu.org
Ever confirmed|0 |1
--- Comment #2 from Martin Sebor <msebor at gcc dot gnu.org> ---
GCC 7 prints the warnings below (regardless of _FORTIFY_SOURCE). With earlier
GCC versions the overflow warnings depend on the string functions being
instrumented with GCC-specific Object Size Checking primitives. Unless this
instrumentation is present on Cygwin the warnings won't trigger.
It shouldn't be hard to diagnose call #4 in the simple cases where the last
argument is a direct call to strlen(). Let me look into it for GCC 8. Thanks
for the suggestion!
$ gcc -O2 -S -Wall -Wextra -Wpedantic t.c
In file included from /usr/include/string.h:630:0,
from t.c:1:
t.c: In function ‘test’:
t.c:9:29: warning: argument to ‘sizeof’ in ‘__builtin_strncpy’ call is the same
expression as the source; did you mean to provide an explicit length?
[-Wsizeof-pointer-memaccess]
strncpy(buf, str, sizeof(str)); // 3
^
t.c:7:5: warning: ‘__builtin_memcpy’ writing 2 bytes into a region of size 0
overflows the destination [-Wstringop-overflow=]
strncpy(buf, "12345", sizeof("12345")); // 1
^
t.c:8:5: warning: ‘__builtin_memcpy’ writing 5 bytes into a region of size 2
overflows the destination [-Wstringop-overflow=]
strncpy(buf, "12345", strlen("12345")); // 2
^
t.c:9:5: warning: ‘__builtin_strncpy’ writing 8 bytes into a region of size 2
overflows the destination [-Wstringop-overflow=]
strncpy(buf, str, sizeof(str)); // 3
