https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67729

--- Comment #5 from David Binderman <dcb314 at hotmail dot com> ---
I just noticed that clang-16.0.6 now implements this check:

$ clang++ -c -g -O2 -Wall -Wextra -Wformat=2 -D_FORTIFY_SOURCE=2 sep9a.cc
sep9a.cc:13:29: warning: 'fscanf' may overflow; destination buffer in argument
3 has size 10, but the corresponding specifier may require size 11
[-Wfortify-source]
        while (fscanf( fp, "%10s", buf))
                                   ^
sep9a.cc:17:29: warning: 'fscanf' may overflow; destination buffer in argument
3 has size 10, but the corresponding specifier may require size 21
[-Wfortify-source]
        while (fscanf( fp, "%20s", buf))
                                   ^
2 warnings generated.
$

Still nothing from gcc:

$ ~/gcc/results/bin/g++ -c -g -O2 -Wall -Wextra -Wformat=2 -D_FORTIFY_SOURCE=2
sep9a.cc
$
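
The size rule behind the clang diagnostics quoted above, as an added example (not code from this report, from clang or from gcc): a bounded `%Ns` or `%N[...]` conversion can store N characters plus a terminating NUL, so `%10s` needs 11 bytes. The function name `scanf_required_size` is an assumption of this example; the format strings and the buffer size of 10 are taken from the warnings above, and `%9s` is the width that fits.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Elements the index-th (0-based) assigning conversion of a scanf format may
 * store: N+1 for %Ns and %N[...] (terminating NUL), N for %Nc, SIZE_MAX for an
 * unbounded %s or %[...], 0 otherwise. %ls/%lc results are in wchar_t units. */
size_t scanf_required_size(const char *fmt, size_t index)
{
    size_t seen = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        if (*++p == '%')
            continue;                          /* "%%" matches a literal % */
        int suppressed = (*p == '*');          /* "%*s" stores nothing */
        if (suppressed) p++;
        int has_width = isdigit((unsigned char)*p) != 0;
        size_t width = 0;
        while (isdigit((unsigned char)*p))
            width = width * 10 + (size_t)(*p++ - '0');
        while (*p && strchr("hlLjzt", *p))
            p++;                               /* skip length modifiers */
        char conv = *p;
        if (conv == '[') {                     /* skip the scanset body */
            p++;
            if (*p == '^') p++;
            if (*p == ']') p++;                /* leading ']' is a literal */
            while (*p && *p != ']') p++;
        }
        if (*p == '\0') break;                 /* truncated format string */
        if (suppressed || seen++ != index)
            continue;
        if (conv == 's' || conv == '[')
            return has_width ? width + 1 : SIZE_MAX;
        return conv == 'c' ? (has_width ? width : 1) : 0;
    }
    return 0;
}

int main(void)
{
    char buf[10];                              /* same size as in the report */
    const char *fmts[] = { "%10s", "%20s", "%9s" };
    for (size_t i = 0; i < 3; i++)
        printf("%-4s needs %zu of %zu\n", fmts[i],
               scanf_required_size(fmts[i], 0), sizeof buf);
}
```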
