https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94647
Bug ID: 94647
Summary: [10 Regression] wrong diagnostic with
-Werror=format-security
Product: gcc
Version: 10.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: other
Assignee: unassigned at gcc dot gnu.org
Reporter: doko at debian dot org
Target Milestone: ---
[forwarded from https://bugs.debian.org/958062]
seen with trunk 20200417, works with the gcc-9 branch.
$ cat testcase.c
/* Compile with gcc-10 -O2 -c testcase.c -Wall -Wformat -Werror=format-security
*/
#include <string.h>
struct a
{
int pad;
char string[512];
};
struct b
{
int pad;
char string[256];
};
int f(struct a *d, struct b *s)
{
int l;
/* No warning here, so GCC 10 assumes that d->string is properly
* null terminated. */
l = strlen(d->string);
/* Warning here, GCC 10 assumes that d->string is *not* properly
* null terminated */
strncpy(d->string, s->string, sizeof(d->string));
return l;
}
$ gcc-10 -O2 -c testcase.c -Wall -Wformat -Werror=format-security
In file included from /usr/include/string.h:495,
from testcase.c:3:
In function ‘strncpy’,
inlined from ‘f’ at testcase.c:27:2:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: warning:
‘__builtin_strncpy’ offset [260, 511] from the object at ‘s’ is out of the
bounds of referenced subobject ‘string’ with type ‘char[256]’ at offset 4
[-Warray-bounds]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos
(__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
testcase.c: In function ‘f’:
testcase.c:14:7: note: subobject ‘string’ declared here
14 | char string[256];
| ^~~~~~
