https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89312
--- Comment #3 from Martin Sebor <msebor at gcc dot gnu.org> ---
I understand your frustration but there is no good way to tell a benign
truncation from a potentially dangerous bug, so GCC errs on the side of caution
here.
The -Wformat-truncation option detects a number of other kinds of problems, not
just truncation, so turning it off for the whole project will prevent those
other kinds of bugs from being detected. Among these are passing null pointers
as arguments to %s directives, or unterminated arrays, as shown in the test
case below. In the future, GCC will detect other problems, including passing
unintialized arrays to %s and overlapping copies. So I would suggest to
consider using more targeted suppression techniques such as testing the return
value.
$ cat t.c && gcc -S -O2 -Wall t.c
const char a[4] = { '1', '2', '3', '4' };
void f (char *d, unsigned n, const char *s)
{
__builtin_snprintf (d, n, "a = %s", a);
if (s) // typo: should have been 'if (!s)'
return;
__builtin_snprintf (d, n, "s = %s", s);
}
t.c: In function ‘f’:
t.c:5:34: warning: ‘%s’ directive argument is not a nul-terminated string
[-Wformat-truncation=]
5 | __builtin_snprintf (d, n, "a = %s", a);
| ^~ ~
t.c:1:12: note: referenced argument declared here
1 | const char a[4] = { '1', '2', '3', '4' };
| ^
t.c:10:3: warning: ‘%s’ directive argument is null [-Wformat-truncation=]
10 | __builtin_snprintf (d, n, "s = %s", s);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
