On 2/4/19, Martin Sebor <mse...@gmail.com> wrote:
> The attached patch relaxes -Wformat-overflow=2 to avoid warning about
> individual directives that might (but need not) exceed the 4095 byte
> limit, and about the total function output that likewise might (but
> need not) exceed the INT_MAX limit.
>
> The bug report actually requests that instead of the standard minimum
> of 4095 bytes, GCC consider real libc limits, but trying to figure
> out what these real limits might be (they're not documented anywhere,
> AFAIK) and hardcoding them into GCC doesn't seem like a good solution.
>
> Instead, the patch only does little more than the bare minimum to
> suppress these pedantic warnings, and it only does that for the "may
> exceed" cases and not for those where the size of output definitely
> exceeds either limit.  Using the formatted functions to write such
> large amounts of data seems more likely to be a bug than intentional,
> and at level 2 issuing the warning seems appropriate unless the return
> value of the function is tested.  When it is, even though exceeding
> these limits is strictly undefined, it seems reasonable to assume that
> a quality libc implementation will detect it and return an error (as
> required by POSIX).

Reminder that gcc is available for non-POSIX platforms (e.g. mingw).

>
> So with the patch, the only way to get this warning is for calls to
> sprintf or to unchecked snprintf.
>
> Martin
>

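The thread distinguishes unchecked snprintf calls from ones whose return value is tested. The following is an added example, not code from the patch or from GCC: a hypothetical wrapper, `format_checked`, that tests the return value for both the error case (a negative result, which is what a libc reporting the failure would return) and truncation. The names `format_checked` and `fmt_status` are assumptions made for this illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Result codes for format_checked (hypothetical names for this example). */
enum fmt_status { FMT_OK = 0, FMT_TRUNCATED = 1, FMT_ERROR = 2 };

/*
 * Format into dst[size] and test the return value of vsnprintf.
 * On FMT_OK, *written receives the number of bytes stored (excluding NUL).
 */
static enum fmt_status
format_checked(char *dst, size_t size, size_t *written, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (written)
        *written = 0;
    if (dst == NULL || size == 0)
        return FMT_ERROR;

    va_start(ap, fmt);
    n = vsnprintf(dst, size, fmt, ap);
    va_end(ap);

    if (n < 0) {            /* libc reported an output or encoding error */
        dst[0] = '\0';
        return FMT_ERROR;
    }
    if ((size_t)n >= size)  /* did not fit; dst holds a NUL-terminated prefix */
        return FMT_TRUNCATED;

    if (written)
        *written = (size_t)n;
    return FMT_OK;
}

int main(void)
{
    char buf[16];
    size_t len;
    /* Constructed inputs: one that fits, one that is too long for buf. */
    printf("%d\n", format_checked(buf, sizeof buf, &len, "%s", "short"));
    printf("%d\n", format_checked(buf, sizeof buf, &len, "%s-%s",
                                  "0123456789", "abcdefghij"));
    return 0;
}
```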