https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79257
Pierre Chapuis <catwell-gcc at catwell dot info> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |catwell-gcc at catwell dot info
--- Comment #5 from Pierre Chapuis <catwell-gcc at catwell dot info> ---
I think I can reproduce something similar *without* the sanitizer.
Using GCC 7.1.1, with:
#include <stdio.h>
int main () {
int i; char obuf[3];
int start = 0x00;
for (i = start; i <= 0xff; ++i) {
sprintf(obuf, "%02x", i);
}
return 0;
}
I get:
demo.c: In function ‘main’:
demo.c:6:23: warning: ‘sprintf’ may write a terminating nul past the end of the
destination [-Wformat-overflow=]
sprintf(obuf, "%02x", i);
^~~~~~
demo.c:6:9: note: ‘sprintf’ output between 3 and 4 bytes into a destination of
size 3
sprintf(obuf, "%02x", i);
^~~~~~~~~~~~~~~~~~~~~~~~
At O1 I don't get the warning.
If I set `start` to `0xfb` or `0xfc`, I get the same warning. If I set it to
`0xfe` or `0xff` I don't get a warning. If I set it to `0xfd` I get the warning
*twice*:
demo.c: In function ‘main’:
demo.c:6:23: warning: ‘sprintf’ may write a terminating nul past the end of the
destination [-Wformat-overflow=]
sprintf(obuf, "%02x", i);
^~~~~~
demo.c:6:9: note: ‘sprintf’ output between 3 and 4 bytes into a destination of
size 3
sprintf(obuf, "%02x", i);
^~~~~~~~~~~~~~~~~~~~~~~~
demo.c:6:23: warning: ‘sprintf’ may write a terminating nul past the end of the
destination [-Wformat-overflow=]
sprintf(obuf, "%02x", i);
^~~~~~
demo.c:6:9: note: ‘sprintf’ output between 3 and 4 bytes into a destination of
size 3
sprintf(obuf, "%02x", i);
^~~~~~~~~~~~~~~~~~~~~~~~
