https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93653

            Bug ID: 93653
           Summary: diagnose calls to strncmp with bound less than
                    constant string length
           Product: gcc
           Version: 10.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: msebor at gcc dot gnu.org
  Target Milestone: ---

-Wstring-compare diagnoses equality expressions involving calls to strcmp and
strncmp that evaluate to constants based on the size of one argument and the
length of another.  Such calls are likely mistakes (it makes little sense to
compare a longer string for equality to a smaller array).

Another class of mistakes -Wstring-compare could help detect is those pointed
out in pr93640 and pr93641: calls with constant bounds that are less than the
length of the constant string argument.  These should probably be detected and
diagnosed early, before non-constant expressions have been folded into
constants.  Another question is whether the string arguments should be limited
to literals or whether all constant strings should be considered.

$ cat x.c && gcc -O2 -S -Wall -Wextra -Wpedantic x.c
char a[2];

int f (void)
{
  return __builtin_strncmp (a, "123", 3) == 0;   // warning
}

int g (const char *s)
{
  return __builtin_strncmp (s, "123", 2) == 0;   // should warn
}
x.c: In function ‘f’:
x.c:5:10: warning: ‘__builtin_strncmp’ of a string of length 3, an array of
size 2 and bound of 3 evaluates to nonzero [-Wstring-compare]
    5 |   return __builtin_strncmp (a, "123", 3) == 0;   // warning
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
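
An added example, not part of the original report or of GCC: it shows why a bound shorter than the literal, as in g() above, matters in practice, and one way to avoid it by deriving the bound from the literal with sizeof. The macro and function names are hypothetical, and the inputs in main() are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Same shape as g() in the report: the bound 2 is less than strlen("123"),
   so only "12" is compared and the third character is never checked. */
static int is_token_short_bound(const char *s)
{
    return strncmp(s, "123", 2) == 0;
}

/* Hypothetical helper macros. The "" lit concatenation only compiles when
   lit is a string literal, so sizeof always yields the literal's size. */
/* Exact match: sizeof counts the terminating NUL, so s must end there too. */
#define STR_EQ_LIT(s, lit)     (strncmp((s), "" lit, sizeof("" lit)) == 0)
/* Prefix match: sizeof - 1 is exactly the literal's length, never less. */
#define STR_HAS_PREFIX(s, lit) (strncmp((s), "" lit, sizeof("" lit) - 1) == 0)

static int is_token_exact(const char *s)   { return STR_EQ_LIT(s, "123"); }
static int has_token_prefix(const char *s) { return STR_HAS_PREFIX(s, "123"); }

int main(void)
{
    /* Constructed sample inputs. */
    static const char *const inputs[] = { "123", "12x", "12", "1", "1234" };
    size_t i;

    printf("%-6s %-12s %-6s %-6s\n", "input", "short-bound", "exact", "prefix");
    for (i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
        printf("%-6s %-12d %-6d %-6d\n", inputs[i],
               is_token_short_bound(inputs[i]),
               is_token_exact(inputs[i]),
               has_token_prefix(inputs[i]));
    return 0;
}
```

With the short bound, "12x" and "12" compare equal to "123"; with the bound taken from the literal they do not.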
