https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83959
Bug ID: 83959
Summary: Missing buffer overflow warning on printf %s
Product: gcc
Version: 8.0
Status: UNCONFIRMED
Severity: enhancement
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: prathamesh3492 at gcc dot gnu.org
Target Milestone: ---
int main(void)
{
  char a[3] = "xyz";
  __builtin_printf ("%s", a);
  return 0;
}
No warning generated with -Wall -Wextra -Wstringop-overflow=2.
Should -Wstringop-overflow be catching this case?
I wonder if the compiler should warn (with -Wextra maybe?) for
char a[3] = "xyz";
i.e. when sizeof(array) == strlen(initializer)?
Although the above initializer doesn't cause overflow by itself, I suppose
almost all string functions expect char arrays to end with '\0' and would
end up looking past end of array thus causing overflow.
Thanks,
Prathamesh
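
Added example, not part of the original report and not GCC code: a way to check a fixed-size char array for a terminator and to print it without reading past its end, using a "%.*s" precision. The helper names is_terminated, bounded_len and format_bounded are hypothetical; the 3-byte array is spelled with braces but holds the same bytes as char a[3] = "xyz".

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample data: same bytes as `char a[3] = "xyz"` (no '\0'). */
static const char unterminated[3] = { 'x', 'y', 'z' };
/* One extra byte leaves room for the terminator. */
static const char terminated[4] = "xyz";

/* Returns 1 if buf[0..n) contains a '\0', else 0. Never reads past n. */
static int is_terminated(const char *buf, size_t n)
{
    return memchr(buf, '\0', n) != NULL;
}

/* String length capped at n bytes (memchr keeps this within ISO C). */
static size_t bounded_len(const char *buf, size_t n)
{
    const char *nul = memchr(buf, '\0', n);
    return nul ? (size_t)(nul - buf) : n;
}

/* With a precision, %s reads at most that many bytes from its argument,
   so the array does not need a terminator. Returns snprintf's result. */
static int format_bounded(char *out, size_t outsz, const char *buf, size_t n)
{
    return snprintf(out, outsz, "%.*s", (int)n, buf);
}

int main(void)
{
    char out[8];

    printf("unterminated has NUL: %d\n",
           is_terminated(unterminated, sizeof unterminated));
    printf("terminated has NUL:   %d\n",
           is_terminated(terminated, sizeof terminated));

    /* Safe for both arrays: the read is bounded by sizeof, not by '\0'. */
    format_bounded(out, sizeof out, unterminated, sizeof unterminated);
    printf("bounded print: %s (len %zu)\n", out,
           bounded_len(unterminated, sizeof unterminated));
    return 0;
}
```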