https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94615
Bug ID: 94615
Summary: -Wstringop-truncation warns on strncpy() with struct
lastlog (or utmp)
Product: gcc
Version: 8.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: allison.karlitskaya at redhat dot com
Target Milestone: ---
Consider this code:
{
struct lastlog entry;
strncpy (entry.ll_host, rhost, sizeof entry.ll_host);
/* fill other fields */
/* write record to the lastlog */
}
strncpy() turns out to be exactly what you want in this case because the
ll_host field in struct lastlog is only *optionally* nul terminated, in the
case of the hostname being shorter than the field width. If the hostname is
equal to or longer than the field length then you should write the whole thing
in, without including a nul. Consequently, any reader code needs to be more
careful about checking for both conditions (which it ought to be, in any case).
GCC 8 gives this warning, though:
/usr/include/bits/string_fortified.h:106:10: warning: '__builtin_strncpy'
specified bound 256 equals destination size [-Wstringop-truncation]
... which on its face seems kinda funny, because the bound *should* equal the
destination size. Particularly in this case.
Perhaps there is some attribute or other hint that can be added to the struct
in question that the character array is intended to be only optionally nul
terminated, and in that case, we could skip the warning? Otherwise, it would
be nice if there were a way to avoid this warning that didn't involve a mess of
#if and #pragma.
