https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82646
Bug ID: 82646
Summary: bogus -Wstringop-overflow with -D_FORTIFY_SOURCE=2 on
strncpy with range to a member array
Product: gcc
Version: 8.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---
In contrast to bug 82645, when compiling with -D_FORTIFY_SOURCE=2 GCC issues a
bogus -Wstringop-overflow on the following test case that then runs
successfully to completion (i.e., no abort):
$ (set -x && cat y.c && gcc -O2 -Wall y.c && gcc -D_FORTIFY_SOURCE=2 -O2 -Wall
y.c && ./a.out)
+ cat y.c
#include <string.h>
struct S { char a[5]; void (*pf)(void); };
void __attribute__ ((weak))
sink (const char *s)
{
__builtin_printf ("%.7s\n", s);
}
void __attribute__ ((weak))
g (struct S *p, int n)
{
if (n < 5) n = 5;
strncpy (p->a, "1234567", n);
sink (p->a);
}
int main (void)
{
struct S s = { };
g (&s, 1);
}
+ gcc -O2 -Wall y.c
+ gcc -D_FORTIFY_SOURCE=2 -O2 -Wall y.c
In file included from /usr/include/string.h:635:0,
from y.c:1:
In function ‘strncpy’,
inlined from ‘g’ at y.c:16:3:
/usr/include/bits/string3.h:126:10: warning: ‘__builtin___strncpy_chk’ writing
7 bytes into a region of size 5 overflows the destination
[-Wstringop-overflow=]
return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ./a.out
12345
