https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79692
Bug ID: 79692 Summary: -Wformat-overflow false positive? Product: gcc Version: 7.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: c Assignee: unassigned at gcc dot gnu.org Reporter: sirl at gcc dot gnu.org Target Milestone: --- Created attachment 40820 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=40820&action=edit testcase With trunk r245678 on x86_64 the attached testcase prints these warnings: gcc-trunk -Wformat-overflow -O2 -c test-sprintf-2.c test-sprintf-2.c: In function 'test': test-sprintf-2.c:90:32: warning: '%0*lX' directive writing between 1 and 2147483648 bytes into a region of size 76 [-Wformat-overflow=] sprintf (buffer, "1: %s%c%0*lX %s%c%0*lX", reg, sFrom, nFrom, ^~~~~ test-sprintf-2.c:90:24: note: directive argument in the range [0, 4611686018427387904] sprintf (buffer, "1: %s%c%0*lX %s%c%0*lX", reg, sFrom, nFrom, ^~~~~~~~~~~~~~~~~~~~~~~~ test-sprintf-2.c:90:24: note: directive argument in the range [0, 4611686018427387904] test-sprintf-2.c:90:7: note: 'sprintf' output 9 or more bytes (assuming 4294967303) into a destination of size 80 sprintf (buffer, "1: %s%c%0*lX %s%c%0*lX", reg, sFrom, nFrom, ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (uint64_t) from, reg, sTo, nTo, (uint64_t) to); ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ test-sprintf-2.c:109:29: warning: '%0*lX' directive writing between 1 and 2147483648 bytes into a region of size 76 [-Wformat-overflow=] sprintf (buffer, "2: %s%c%0*lX %0*lX", reg, sFrom, nFrom, ^~~~~ test-sprintf-2.c:109:21: note: directive argument in the range [0, 4611686018427387904] sprintf (buffer, "2: %s%c%0*lX %0*lX", reg, sFrom, nFrom, ^~~~~~~~~~~~~~~~~~~~ test-sprintf-2.c:109:4: note: 'sprintf' output 8 or more bytes (assuming 2147483655) into a destination of size 80 sprintf (buffer, "2: %s%c%0*lX %0*lX", reg, sFrom, nFrom, ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (uint64_t) from, nLen, (uint64_t) len); ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To me it seems it shouldn't warn. PR 79275 looks like a variant of this problem and was already fixed.