https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95795

            Bug ID: 95795
           Summary: missing warning on strnlen with a nonstring and
                    excessive bound
           Product: gcc
           Version: 10.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: middle-end
          Assignee: unassigned at gcc dot gnu.org
          Reporter: msebor at gcc dot gnu.org
  Target Milestone: ---

GCC warns for the first call to strnlen in f() that may read past the end of
the unterminated array but it fails to warn for the second equally unsafe call
in g().

$ cat z.c && gcc -O2 -S -fdump-tree-optimized=/dev/stdout z.c
/* Declared 'nonstring': a need not hold a NUL terminator, so any read of
   it must be bounded by its size (3 bytes), never by a terminator search.  */
__attribute__ ((nonstring)) char a[3];

/* The bound 7 exceeds sizeof a (3); because a may be unterminated, strnlen
   can read past the end of the array.  GCC diagnoses this call with
   -Wstringop-overflow= (see the warning output below).  A bound of
   sizeof a would keep the read inside the object.  */
int f (void)
{
  return __builtin_strnlen (a, 7);
}

/* The same unsafe read, but through a pointer derived from a.  Whatever
   i is, fewer than 7 bytes of a remain from a + i, so the bound is
   still excessive -- yet GCC emits no warning for this call.  That
   missing diagnostic is the subject of this report.  */
int g (int i)
{
  return __builtin_strnlen (a + i, 7);
}

;; Function f (f, funcdef_no=0, decl_uid=1931, cgraph_uid=1, symbol_order=1)

f ()
{
  long unsigned int _1;
  int _3;

  <bb 2> [local count: 1073741824]:
  _1 = __builtin_strnlen (&a, 7);
  _3 = (int) _1;
  return _3;

}


z.c: In function ‘f’:
z.c:5:10: warning: ‘__builtin_strnlen’ argument 1 declared attribute
‘nonstring’ is smaller than the specified bound 7 [-Wstringop-overflow=]
    5 |   return __builtin_strnlen (a, 7);
      |          ^~~~~~~~~~~~~~~~~~~~~~~~
z.c:1:34: note: argument ‘a’ declared here
    1 | __attribute__ ((nonstring)) char a[3];
      |                                  ^

;; Function g (g, funcdef_no=1, decl_uid=1934, cgraph_uid=2, symbol_order=2)

g (int i)
{
  sizetype _1;
  const char * _2;
  long unsigned int _3;
  int _6;

  <bb 2> [local count: 1073741824]:
  _1 = (sizetype) i_4(D);
  _2 = &a + _1;
  _3 = __builtin_strnlen (_2, 7);
  _6 = (int) _3;
  return _6;

}
