https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88226
Bug ID: 88226 Summary: missing warning on fprintf, fputs, and puts with an unterminated array Product: gcc Version: 9.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: middle-end Assignee: unassigned at gcc dot gnu.org Reporter: msebor at gcc dot gnu.org Target Milestone: --- Of the invalid uses of an unterminated character array below GCC diagnoses just the first and none of the others. $ cat t.c && gcc -O2 -S -Wall -fdump-tree-optimized=/dev/stdout t.c #include <stdio.h> const char c = 'a'; void g (FILE *f) { printf ("%s", &c); // warning (good) fprintf (f, "%s", &c); // missing warning fputs (&c, f); // same puts (&c); // same } t.c: In function āgā: t.c:7:12: warning: ā%sā directive argument is not a nul-terminated string [-Wformat-overflow=] 7 | printf ("%s", &c); // warning (good) | ~~~~~~~~~^~~~~~~~ t.c:3:12: note: referenced argument declared here 3 | const char c = 'a'; | ^ ;; Function g (g, funcdef_no=11, decl_uid=2409, cgraph_uid=12, symbol_order=12) g (struct FILE * f) { <bb 2> [local count: 1073741824]: printf ("%s", &c); __builtin_fputs (&c, f_3(D)); fputs (&c, f_3(D)); puts (&c); [tail call] return; }