https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93655
Bug ID: 93655
Summary: diagnose calls to strncmp with bound greater than
constant string length
Product: gcc
Version: 10.0
Status: UNCONFIRMED
Severity: enhancement
Priority: P3
Component: middle-end
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---
In addition to pr93653, the -Wstring-compare warning (new in GCC 10) could also
diagnose strncmp calls where the bound is so large that it could cause the
function to read past the end of one of the string, as is possible in all three
instances below. The warning should be issued regardless of how the result of
the call is used (i.e., for equality or otherwise).
$ cat x.c && gcc -O2 -S -Wall -Wextra -Wpedantic x.c
char a2[2], a3[3];
int f (void)
{
return __builtin_strncmp (a3, "12", 5); // missing warning
}
int g (void)
{
return __builtin_strncmp (a3, a2, 7); // missing warning
}
int h (const char *s)
{
return __builtin_strncmp (a3, s, 7); // missing warning
}
