https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77696
--- Comment #5 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
(In reply to David Malcolm from comment #4)
> In the meantime, I'm going to post some of the other UI ideas for this that
> we've been chatting about, so that they're captured publicly.

Consider this problematic call to sprintf:

$ cat demo.c
#include <stdio.h>

const char *test_1 (const char *msg)
{
  static char buf[16];
  sprintf (buf, "msg: %s\n", msg);
  return buf;
}

void test_2 ()
{
  test_1 ("this is long enough to cause trouble");
}

Right now, we emit this (this is trunk, plus some fixes for line-numbering
bugs):

$ ./xgcc -B. -c demo.c -Wall -O2
demo.c: In function ‘test_2’:
demo.c:6:23: warning: ‘%s’ directive writing 36 bytes into a region of size 11 [-Wformat-overflow=]
    6 |   sprintf (buf, "msg: %s\n", msg);
      |                       ^~
demo.c:12:11:
   12 |   test_1 ("this is long enough to cause trouble");
      |           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
demo.c:6:3: note: ‘sprintf’ output 43 bytes into a destination of size 16
    6 |   sprintf (buf, "msg: %s\n", msg);
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I brainstormed some ideas on making these kinds of warning easier for the user
to understand.