https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117780
Bug ID: 117780
Summary: -fsanitize=undefined -O1 false positive ‘%s’ directive argument is null [-Wformat-truncation=]
Product: gcc
Version: 14.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: yansendao at 126 dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
jakub at gcc dot gnu.org, kcc at gcc dot gnu.org
Target Milestone: ---
Created attachment 59703
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=59703&action=edit
testcase
> gcc -Wno-unused-function -Wall -c -fsanitize=undefined -O1 ~/compiler-test/openjdk/patchs/asan/java-format-truncation-creduce.c
/home/yansendao/compiler-test/openjdk/patchs/asan/java-format-truncation-creduce.c: In function ‘az’:
/home/yansendao/compiler-test/openjdk/patchs/asan/java-format-truncation-creduce.c:12:21: warning: ‘%s’ directive argument is null [-Wformat-truncation=]
   12 |   snprintf(&aj, an, am, c);
      |                     ^~
> cat ~/compiler-test/openjdk/patchs/asan/java-format-truncation-creduce.c
//gcc -Wno-unused-function -Wall -c -fsanitize=undefined -O1 ~/compiler-test/openjdk/patchs/asan/java-format-truncation-creduce.c
char aj;
int snprintf(char *, unsigned long, const char *, ...);
unsigned long strlen(const char *);
void a();
char *b();
void az() {
  char *c, *al = 0;
  static const char am[] = "Djava.class.path=%s";
  c = b();
  long an = strlen(c);
  snprintf(&aj, an, am, c);
  if (c != al)
    a();
}