https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79448
--- Comment #5 from Mark Wielaard <mark at gcc dot gnu.org> --- (In reply to Martin Sebor from comment #4) > Ouch. When its size argument is zero, a snprintf call is a request to > compute the size of output without actually writing any into the destination > (which may be a null pointer). At level 2 the checker uses the lower bound > of the range of the size argument (for greater strictness) but fails to > distinguish it from a constant zero. Since the argument may or may not be > zero this is not safe. I've raised bug 79496 to track the problem (which is > unrelated to this bug). Thanks for fixing that bug. I fetch the latest gcc svn trunk with that fix and added your proposed patch for this bug on top and I no longer get false positives with -Wformat-truncation=2 on my code base and all unit tests pass now. The only warnings reported (with this patch applied) are cases where there is indeed a possibility of truncation that wasn't handled in the code. So if at all possible I would like to see this go in before gcc 7.1 is released because without it -Wformat-truncation=2 isn't as useful as it could be.
