Hi,
On 1/10/21 3:56 PM, Martin Sebor wrote:
> Sure. I was confirming that based on the GCC dump there is no risk
> of an overflow in the translation unit, and so there is no warning.

OK. :) I didn't understand the GCC dump. Despite having commit privs,
I'm not actually a compiler guru.

>> It can /not/ overflow. Those compiler stats are not decipherable by me.
>
> They indicate the minimum, likely, maximum, and unlikely maximum
> number of bytes of output for each directive and the running totals
> for the call (in parentheses). The relevant lines are these:
>
>   Directive 2 at offset 2: "%s"
>   Result: 0, 255, 255, 255 (2, 257, 257, 257)
>
> The result tells us that the length of the %s argument is between
> 0 and 255 bytes long.

It should be 1 to 255. 0 is actually impossible, but it would take crazy
complicated sleuthing to figure it out, even though the "spn_*"
functions should be inlined.

> Since objsize (the size of the destination) is 520 there is no
> buffer overflow.

The size of the destination is guaranteed to be between 263 and 518
bytes. The "def_str" pointer will always point at least two bytes past
the start of the 520 byte buffer.

> The note in the forwarded message indicates that GCC computes
> the destination size to be much smaller for some reason:
>
>   note: 'sprintf' output between 4 and 259 bytes into a destination of
>   size 255
>
> I.e., it thinks it's just 255 bytes. As I explained, such a small
> size would trigger the warning by design.

Yep. If it can accurately figure out the minimum size remaining, that
would be completely fine. "If."

> I can't really think of
> a reason why GCC would compute a smaller size here (it looks far
> from trivial).

If it can figure out that the minimum size is 263, that'd be great. If
it can't, it needs to be quiet.

> We'd need to see the original poster's translation
> unit and know the host and the target GCC was configured for.

OK. Not anything I can do. Thomas would have to send in his version of
"gd.i".
Thank you!
Regards, Bruce
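
The range arithmetic discussed in this message, as an added example that is not code from either correspondent or from GCC: it sums per-directive byte ranges into the running totals shown in the dump and compares them, plus the terminating NUL, against a destination size. It is a simplified model, the names `fmt_range`, `total_range` and `check_dest` are hypothetical, and the 2-byte first directive is inferred from the running total in the quoted dump.

```c
#include <stddef.h>
#include <stdio.h>

/* Bytes one directive can produce: the four columns of the dump
   (minimum, likely, maximum, unlikely maximum). */
struct fmt_range { size_t min, likely, max, unlikely; };

enum verdict { FITS, MAY_OVERFLOW, ALWAYS_OVERFLOWS };

/* Sum per-directive ranges into running totals, like the numbers
   shown in parentheses in the dump. */
static struct fmt_range total_range(const struct fmt_range *d, size_t n)
{
    struct fmt_range t = {0, 0, 0, 0};
    for (size_t i = 0; i < n; i++) {
        t.min += d[i].min;
        t.likely += d[i].likely;
        t.max += d[i].max;
        t.unlikely += d[i].unlikely;
    }
    return t;
}

/* Compare the totals plus the terminating NUL with the destination size. */
static enum verdict check_dest(struct fmt_range t, size_t objsize)
{
    if (t.min + 1 > objsize) return ALWAYS_OVERFLOWS;
    if (t.max + 1 > objsize) return MAY_OVERFLOW;
    return FITS;
}

/* Constructed from the quoted dump: 2 bytes ahead of "%s" (inferred
   from the running total), then "%s" producing 0..255 bytes. */
static const struct fmt_range dump_directives[] = {
    {2, 2, 2, 2},
    {0, 255, 255, 255},
};

int main(void)
{
    static const char *names[] = {"fits", "may overflow", "always overflows"};
    size_t sizes[] = {520, 263, 255};  /* objsize values from the thread */
    struct fmt_range t = total_range(dump_directives, 2);
    printf("totals: %zu, %zu, %zu, %zu\n", t.min, t.likely, t.max, t.unlikely);
    for (size_t i = 0; i < 3; i++)
        printf("objsize %zu: %s\n", sizes[i], names[check_dest(t, sizes[i])]);
    return 0;
}
```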