https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78969
Sergei Trofimovich <slyfox at inbox dot ru> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |slyfox at inbox dot ru

--- Comment #4 from Sergei Trofimovich <slyfox at inbox dot ru> ---
Found similar false positive on lxc project. Original snippet of code:

https://github.com/lxc/lxc/blob/5059aae90584d7d80b3494088920da4ba73e2b2a/src/lxc/cgroups/cgfsng.c#L1379-L1395

Simplified version:

$ cat a.c
#include <stdio.h>
void f(char * p /* NNN\0" */)
{
    for (int idx = 0; idx < 1000; idx++) {
        // guaranteed to be in [0-999] range
        snprintf (p, 4, "%d", idx);
    }
}

$ gcc -O2 -c a.c -Wall
a.c: In function 'f':
a.c:6:25: warning: '__builtin___snprintf_chk' output may be truncated before the last format character [-Wformat-truncation=]
         snprintf (p, 4, "%d", idx);
                         ^~~~
/usr/include/bits/stdio2.h:64:10: note: '__builtin___snprintf_chk' output between 2 and 5 bytes into a destination of size 4

If I change 1000 to 999

    for (int idx = 0; idx < 999; idx++) {

no warning will be issued.

Looks like what happens here is that gcc does not distinguish between idx in the for loop itself that has range of [0-999] and idx outside for loop, which has value range of [1000-1000].
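The warning above is about a range GCC cannot prove, not about an actual overflow: snprintf never writes past the size it is given, it only truncates. As an added example (not code from the bug report or from lxc), the hypothetical helpers below check snprintf's return value, which is the number of characters that would have been written without the NUL, so a result >= the buffer size is the reliable runtime signal that truncation happened. Running the report's own [0, 999] range through a 4-byte buffer shows zero truncations, while idx = 1000, the only value GCC's post-loop range contains, does truncate.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (added example): format idx into dst of size n.
 * Returns 0 if the whole number fit, 1 if snprintf truncated it, and
 * -1 on an encoding error. snprintf reports the length it *wanted* to
 * write (excluding the terminating NUL), so written >= n means the
 * text in dst was cut short. */
int format_index(char *dst, size_t n, int idx)
{
    int written = snprintf(dst, n, "%d", idx);
    if (written < 0)
        return -1;
    return (size_t)written >= n ? 1 : 0;
}

/* Walk idx over [0, limit) exactly like the loop in the report and
 * count how many iterations truncate into an n-byte destination.
 * Returns -1 if n is larger than the scratch buffer used here. */
int count_truncations(int limit, size_t n)
{
    char buf[16];
    int truncated = 0;

    if (n > sizeof buf)
        return -1;
    for (int idx = 0; idx < limit; idx++) {
        if (format_index(buf, n, idx) == 1)
            truncated++;
    }
    return truncated;
}

int main(void)
{
    char buf[4];

    /* Same range as the report: every value fits into "NNN\0". */
    printf("truncations for idx < 1000 into %zu bytes: %d\n",
           sizeof buf, count_truncations(1000, sizeof buf));

    /* The value GCC reasons about after the loop exits does not fit. */
    int rc = format_index(buf, sizeof buf, 1000);
    printf("idx = 1000 truncated? %d, buffer holds \"%s\"\n", rc, buf);
    return 0;
}
```

Compiling this with -Wall -O2 still exercises the same -Wformat-truncation analysis; the return-value check is what turns a compile-time guess into a runtime fact and is the usual way to silence the false positive without enlarging the buffer.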