* Jeff Law:

> On 09/25/2016 03:46 AM, Bernd Edlinger wrote:
>> Hi Martin,
>>
>> in the past I have seen (and fixed) code like
>>
>> sprintf(buf, "%s %d", buf, x);
>>
>> that may possibly work by chance, but usually
>> produces undefined results.
>>
>> Do you see a way to enhance the warning for cases
>> where the output buffer overlaps an input buffer?
> ISTM you really need strong PTA analysis here to nail down the
> pointers to a single object, then you can query their ranges and look
> for overlap.

We could detect this at run time in glibc with reasonable cost, I
think.  We should probably introduce new symbol versions if we do
that, to avoid breaking existing applications needlessly.  Or we could
make this well-defined because it is such a useful extension.
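
An added example, not part of the original thread and not glibc code: a caller-side overlap check for the sprintf call quoted above, next to the append idiom that produces the intended result without overlapping arguments. The helper names (ranges_overlap, format_str_int, append_fmt) are hypothetical.

```c
#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: true if [a, a+alen) and [b, b+blen) share a byte.
   Addresses are compared as integers so unrelated objects can be tested. */
static int ranges_overlap(const void *a, size_t alen, const void *b, size_t blen)
{
    uintptr_t pa = (uintptr_t)a, pb = (uintptr_t)b;
    return alen != 0 && blen != 0 && pa < pb + blen && pb < pa + alen;
}

/* Hypothetical helper: checked form of sprintf(dst, "%s %d", src, x).
   Returns -1 without writing if src (with its terminator) overlaps dst. */
static int format_str_int(char *dst, size_t dstsize, const char *src, int x)
{
    if (ranges_overlap(dst, dstsize, src, strlen(src) + 1))
        return -1;
    return snprintf(dst, dstsize, "%s %d", src, x);
}

/* Hypothetical helper: well-defined replacement for the self-referencing
   call. Formats at the end of the existing string; -1 on truncation. */
static int append_fmt(char *buf, size_t size, const char *fmt, ...)
{
    const char *end = memchr(buf, '\0', size);
    if (end == NULL) return -1;            /* not terminated within size */
    size_t used = (size_t)(end - buf), room = size - used;
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(buf + used, room, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= room) return -1;
    return (int)used + n;                  /* new string length */
}

int main(void)
{
    char buf[32] = "count";                /* constructed sample input */
    printf("overlap check: %d\n", format_str_int(buf, sizeof buf, buf, 7));
    int len = append_fmt(buf, sizeof buf, " %d", 7);
    printf("append: %d \"%s\"\n", len, buf);
    return 0;
}
```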