http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54582
--- Comment #4 from Richard Biener <rguenth at gcc dot gnu.org> 2013-02-06 12:21:12 UTC --- (In reply to comment #3) > Code is (maybe_emit_sprintf_chk_warning): > > /* If the format doesn't contain % args or %%, we know its size. */ > if (strchr (fmt_str, target_percent) == 0) > len = build_int_cstu (size_type_node, strlen (fmt_str)); > /* If the format is "%s" and first ... argument is a string literal, > we know it too. */ > else if (fcode == BUILT_IN_SPRINTF_CHK > && strcmp (fmt_str, target_percent_s) == 0) > ... > else > return; > > so it lacks a way to compute an upper bound for the format which I guess > we can always compute (just not account all %'s at all?). lower bound of course
