https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79062

Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|P3                          |P2

--- Comment #9 from Martin Sebor <msebor at gcc dot gnu.org> ---
The same problem affects _FORTIFY_SOURCE.  Since this effectively disables
compile-time buffer overflow detection for the sprintf family of functions I'm
bumping Importance up to P2.  (The runtime prevention still works.)

$ (set -x && cat pr79062.c && gcc -D_FORTIFY_SOURCE=2 -O2 -Wall -flto -c
pr79062.c && gcc -D_FORTIFY_SOURCE=2 -O2 -Wall -flto pr79062.o && ./a.out)
+ cat pr79062.c
#include <stdio.h>
#include <stdlib.h>

int main (void)
{
  char *d = (char*)alloca (2);
  int n = sprintf (d, "%i", 123);   // missing warning with -flto
  puts (d);
  if (n > 1)
    abort ();
}
+ gcc -D_FORTIFY_SOURCE=2 -O2 -Wall -flto -c pr79062.c
+ gcc -D_FORTIFY_SOURCE=2 -O2 -Wall -flto pr79062.o
+ ./a.out
*** buffer overflow detected ***: ./a.out terminated
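An added example, not part of the bug report or of GCC: the report shows that with -flto the compile-time sprintf overflow warning is lost while the fortified runtime check still aborts, so the defensive takeaway is to bound the write explicitly rather than rely on either diagnostic. The helper below (hypothetical names `format_checked` and `repro_checked`) applies the same bound that the fortified runtime enforces, but reports failure instead of aborting.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Format into dst, which holds dstsz bytes.  Returns the number of
   characters written (excluding the terminating NUL), or -1 if the
   result would not have fit; on failure dst is left as an empty string
   so a truncated value is never used by accident.  vsnprintf never
   writes past dstsz, which is the bound _FORTIFY_SOURCE's runtime
   check also enforces before it aborts. */
static int format_checked(char *dst, size_t dstsz, const char *fmt, ...)
{
    if (dst == NULL || dstsz == 0)
        return -1;
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(dst, dstsz, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= dstsz) {   /* encoding error or truncation */
        dst[0] = '\0';
        return -1;
    }
    return n;
}

/* The report's scenario with a bounded write: a 2-byte buffer cannot
   hold "123" plus its terminator, so the call reports failure instead
   of overflowing.  (Constructed reproducer, not the report's code.) */
static int repro_checked(void)
{
    char d[2];
    return format_checked(d, sizeof d, "%i", 123);   /* returns -1 */
}

int main(void)
{
    char buf[4];
    int n = format_checked(buf, sizeof buf, "%i", 123);
    printf("4-byte buffer: n=%d buf=\"%s\"\n", n, buf);
    printf("2-byte buffer: n=%d\n", repro_checked());
    return 0;
}
```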
