https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83106
--- Comment #3 from Martin Sebor <msebor at gcc dot gnu.org> --- The warning for strncat helps find similar bugs as for strncpy: defeating the size constraint by specifying the length of the source rather than the amount of space in the destination: strncat (d, s, strlen (s)); This is, of course, equivalent to strcat (d, s) and so an unnecessary/unintended use of the function. Similar recommendation as for strncpy also applies to strncat: strncat (d, s, sizeof d - strlen (d) - 1); See for example: https://www.us-cert.gov/bsi/articles/knowledge/coding-practices/strncpy-and-strncat The GCC code happens to be safe but there's no good way to distinguish safe but unintended uses from unsafe ones and so the warning errs on the side of caution.
