On 05/05/2017 10:32 AM, Jakub Jelinek wrote:
On Fri, May 05, 2017 at 10:28:45AM -0600, Martin Sebor wrote:
There have been requests for a warning to diagnose invalid uses
of character arrays that are not nul-terminated, such as arguments
to functions that expect a (nul-terminated) string.  For example:

    #include <stdlib.h>   /* malloc */
    #include <string.h>   /* memcpy, strcat */

    char *p = (char*)malloc (20);
    memcpy (p, "/tmp/", 5);     // copies 5 bytes, no terminating nul
    strcat (p, "file.text");   // << warn here: p is not a string

It would be helpful to diagnose such cases (while avoiding false
positives on the indeterminate cases you mention, of course).

One thing here is that there is a function known to require a null
terminated function, not arbitrary other function that may or might not
need it.

Understood.  GCC knows about a subset of those functions but there
is no mechanism to let it know about user-defined functions that
have the same constraint.  With the warning implemented, adding
an attribute would make it possible for GCC to diagnose this
problem in general.  For instance, say the attribute is called
string, libc could annotate fopen like so:

  FILE* __attribute__ ((string (1), string (2)))
  fopen (const char *restrict, const char *restrict);

And another thing is that in the tree-ssa-strlen.c framework known
records can be invalidated at any time and you then don't know,
it is an optimization, not a warning framework.
So, for the warning you'd need to track whether there have been any
invalidation and just punt in that case.

Sure.

Martin
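As an added illustration, not code from this thread or from GCC, here is the corrected form of the snippet discussed above together with a runtime check that answers the same question the proposed warning would answer at compile time (whether a buffer is actually nul-terminated within its capacity); the helper names `is_nul_terminated`, `append_bounded`, `build_path` and `demo_path` are the editor's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Runtime analogue of the proposed diagnostic: true only if a '\0'
   lies within the first cap bytes, i.e. buf may be treated as a string. */
bool is_nul_terminated(const char *buf, size_t cap)
{
    return memchr(buf, '\0', cap) != NULL;
}

/* Append n bytes of src to dst (capacity cap). The current length is kept
   in *len rather than recovered with strlen, so the buffer never has to be
   a string before the call, and the terminator is always written after it.
   Returns false and leaves dst unchanged if the result would not fit. */
bool append_bounded(char *dst, size_t cap, size_t *len, const char *src, size_t n)
{
    if (*len >= cap || n > cap - *len - 1)
        return false;
    memcpy(dst + *len, src, n);
    *len += n;
    dst[*len] = '\0';
    return true;
}

/* Corrected form of the thread's example: "/tmp/" followed by "file.text"
   is built in buf without ever handing an unterminated buffer to strcat. */
bool build_path(char *buf, size_t cap)
{
    size_t len = 0;
    if (cap == 0)
        return false;
    buf[0] = '\0';
    return append_bounded(buf, cap, &len, "/tmp/", 5)
        && append_bounded(buf, cap, &len, "file.text", 9);
}

/* Convenience wrapper over a static 20-byte buffer (the size used in the
   thread), returning the finished path or NULL if it did not fit in cap. */
const char *demo_path(size_t cap)
{
    static char buf[20];
    if (cap > sizeof buf)
        return NULL;
    return build_path(buf, cap) ? buf : NULL;
}
```

With cap 20 the path fits in 14 bytes plus the terminator; with cap 14 the second append is refused instead of overrunning.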
