[Bug tree-optimization/81163] error: ‘snprintf’ output may be truncated before the last format character [-werror=format-truncation=] note: ‘snprintf’ output between 2 and 266 bytes into a destination

[mcroce at redhat dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81163

Matteo Croce  changed:

   What|Removed |Added

 CC||mcroce at redhat dot com

--- Comment #11 from Matteo Croce  ---
Hi,

when compiling this snippet:

void f()
{
const char *dir = "a";
const char file[50] = "b";
char buf[4];
snprintf(buf, sizeof(buf), "%s/%s", dir, file);
}

I get:

buf.c: In function ‘f’:
buf.c:19:33: warning: ‘%s’ directive output may be truncated writing up to 49
bytes into a region of size 3 [-Wformat-truncation=]
   19 |  snprintf(buf, sizeof(buf), "%s/%s", dir, file);
  | ^~
buf.c:19:2: note: ‘snprintf’ output 2 or more bytes (assuming 51) into a
destination of size 4
   19 |  snprintf(buf, sizeof(buf), "%s/%s", dir, file);
  |  ^~


While I agree with the first warning (directive output may be truncated writing
up to 49 bytes into a region of size 3) I'm not fully convinced about
"‘snprintf’ output 2 or more bytes (assuming 51) into a destination of size 4".
snprintf will output up to 4 bytes, NULL terminator included according to the
documentation:

The functions snprintf() and vsnprintf() write at most size bytes
(including the terminating null byte ('\0')) to str.

I'm using GCC 9.1.1

Regards,
Matteo Croce

[Bug c++/83431] -Wformat-truncation may incorrectly report truncation

[mcroce at redhat dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83431

--- Comment #3 from Matteo Croce  ---
I can reproduce it with this snippet:

void f()
{
const char *dir = "a";
const char file[50] = "b";
char buf[4];
snprintf(buf, sizeof(buf), "%s/%s", dir, file);
}


$ gcc -Wall -c buf.c
buf.c: In function ‘f’:
buf.c:8:33: warning: ‘%s’ directive output may be truncated writing up to 49
bytes into a region of size 3 [-Wformat-truncation=]
8 |  snprintf(buf, sizeof(buf), "%s/%s", dir, file);
  | ^~   ~~~
buf.c:8:2: note: ‘snprintf’ output 2 or more bytes (assuming 51) into a
destination of size 4
8 |  snprintf(buf, sizeof(buf), "%s/%s", dir, file);
  |  ^~~~

$ gcc -v
Using built-in specs.
COLLECT_GCC=/usr/bin/gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/9/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-redhat-linux
Configured with: ../configure --enable-bootstrap
--enable-languages=c,c++,fortran,objc,obj-c++,ada,go,d,lto --prefix=/usr
--mandir=/usr/share/man --infodir=/usr/share/info
--with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared
--enable-threads=posix --enable-checking=release --enable-multilib
--with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions
--enable-gnu-unique-object --enable-linker-build-id
--with-gcc-major-version-only --with-linker-hash-style=gnu --enable-plugin
--enable-initfini-array --with-isl --enable-offload-targets=nvptx-none
--without-cuda-driver --enable-gnu-indirect-function --enable-cet
--with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux
Thread model: posix
gcc version 9.1.1 20190503 (Red Hat 9.1.1-1) (GCC)

Regards,
Matteo Croce