On Wed, Feb 28, 2018 at 11:14:23PM -0500, Peter Eisentraut wrote:
> AFAICT, the issues addressed here either can't really happen without
> trying very hard, or would cause harmless output truncation. Still, it
> seems good to clean this up properly and not rely on made-up buffer size
> guesses that turn out to be wrong, even if we don't want to adopt the
> warning options by default.
Good idea.
> One issue that is of external interest is that I increase BGW_MAXLEN
> from 64 to 96. Apparently, the old value would cause the bgw_name of
> logical replication workers to be truncated in some circumstances. I
> have also seen truncated background worker names with third-party
> packages, so giving some more room here would be useful.
OK, no complaints about that.
@@ -89,7 +89,7 @@ static Datum
build_pgstattuple_type(pgstattuple_type *stat, FunctionCallInfo fcinfo)
{
#define NCOLUMNS 9
-#define NCHARS 32
+#define NCHARS 314
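Review bot: The new `NCHARS 314` is a bare magic number with nothing in the hunk saying how it was derived, so the next reader cannot tell whether it is a real bound or another guess. If it is meant as the worst case for a double formatted with `%.2f` (an assumption, since the formatting calls are outside the quoted lines), that would be one sign, up to 309 integer digits, the decimal point, two fraction digits and the terminating NUL. A comment such as `/* "%.2f" of a double: sign + 309 digits + ".00" + NUL */` above the define would record it. build_pgstattuple_type's body continues outside the hunk, so whether every write into these buffers is bounded by NCHARS cannot be checked from here.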
So this one is caused by the output of %.2f...
Enabling them by default would generate some useless noise if the patch
is left as-is, as a couple of them are not addressed. Please see the full
report attached. Is that intentional? I am using GCC 7.3 here.
interval.c: In function ‘AppendSeconds’:
interval.c:759:22: warning: ‘%0*d’ directive output between 1 and
2147483648 bytes may exceed minimum required size of 4095
[-Wformat-overflow=]
sprintf(cp, "%02d.%0*d", abs(sec), precision, (int) Abs(fsec));
pg_rusage.c:64:5: note: in expansion of macro ‘_’
_("CPU: user: %d.%02d s, system: %d.%02d s, elapsed: %d.%02d s"),
^
pg_rusage.c:63:2: note: ‘snprintf’ output between 51 and 108
bytes into a destination of size 100
snprintf(result, sizeof(result),
--
Michael
<command-line>:0:0: note: this is the location of the previous definition
In file included from ../../../src/include/postgres.h:46:0,
from be-secure-openssl.c:17:
be-secure-openssl.c: In function ‘SSLerrmessage’:
../../../src/include/c.h:1009:20: warning: ‘%lu’ directive output may be
truncated writing between 1 and 20 bytes into a region of size 17
[-Wformat-truncation=]
#define gettext(x) (x)
^
../../../src/include/c.h:1015:14: note: in expansion of macro ‘gettext’
#define _(x) gettext(x)
^~~~~~~
be-secure-openssl.c:1023:35: note: in expansion of macro ‘_’
snprintf(errbuf, sizeof(errbuf), _("SSL error code %lu"), ecode);
^
be-secure-openssl.c:1023:2: note: ‘snprintf’ output between 17 and 36 bytes
into a destination of size 32
snprintf(errbuf, sizeof(errbuf), _("SSL error code %lu"), ecode);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
postgres.c: In function ‘check_log_duration’:
postgres.c:2156:36: warning: ‘snprintf’ output may be truncated before the last
format character [-Wformat-truncation=]
snprintf(msec_str, 32, "%ld.%03d",
^
postgres.c:2156:4: note: ‘snprintf’ output between 6 and 33 bytes into a
destination of size 32
snprintf(msec_str, 32, "%ld.%03d",
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
secs * 1000 + msecs, usecs % 1000);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
formatting.c: In function ‘DCH_to_char’:
formatting.c:2455:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (tm->tm_hour >= 0) ? 2 : 3,
^~~~
formatting.c:2455:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (tm->tm_hour >= 0) ? 2 : 3,
^~~~~~
formatting.c:2463:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (tm->tm_hour >= 0) ? 2 : 3,
^~~~
formatting.c:2463:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (tm->tm_hour >= 0) ? 2 : 3,
^~~~~~
formatting.c:2470:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (tm->tm_min >= 0) ? 2 : 3,
^~~~
formatting.c:2470:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (tm->tm_min >= 0) ? 2 : 3,
^~~~~~
formatting.c:2477:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (tm->tm_sec >= 0) ? 2 : 3,
^~~~
formatting.c:2477:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (tm->tm_sec >= 0) ? 2 : 3,
^~~~~~
formatting.c:2538:19: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%c%0*d",
^~~~
formatting.c:2538:16: note: assuming directive output of 11 bytes
sprintf(s, "%c%0*d",
^~~~~~~~
formatting.c:2692:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (tm->tm_mon >= 0) ? 2 : 3,
^~~~
formatting.c:2692:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (tm->tm_mon >= 0) ? 2 : 3,
^~~~~~
formatting.c:2805:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : 3,
^~~~
formatting.c:2805:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : 3,
^~~~~~
formatting.c:2814:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : 2, tm->tm_mday);
^~~~
formatting.c:2814:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : 2, tm->tm_mday);
^~~~~~
formatting.c:2834:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : 2,
^~~~
formatting.c:2834:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : 2,
^~~~~~
formatting.c:2841:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : 2,
^~~~
formatting.c:2841:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : 2,
^~~~~~
formatting.c:2868:18: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (i >= 0) ? 2 : 3, i);
^~~~
formatting.c:2868:17: note: assuming directive output of 11 bytes
sprintf(s, "%0*d", S_FM(n->suffix) ? 0 : (i >= 0) ? 2 : 3, i);
^~~~~~
formatting.c:2885:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d",
^~~~
formatting.c:2885:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d",
^~~~~~
formatting.c:2900:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d",
^~~~
formatting.c:2900:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d",
^~~~~~
formatting.c:2915:17: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(s, "%0*d",
^~~~
formatting.c:2915:16: note: assuming directive output of 11 bytes
sprintf(s, "%0*d",
^~~~~~
guc.c: In function ‘InitializeGUCOptionsFromEnvironment’:
guc.c:4604:20: warning: ‘%ld’ directive writing between 1 and 20 bytes into a
region of size 16 [-Wformat-overflow=]
sprintf(limbuf, "%ld", new_limit);
^~~~~
guc.c:4604:4: note: ‘sprintf’ output between 2 and 21 bytes into a destination
of size 16
sprintf(limbuf, "%ld", new_limit);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../../../src/include/postgres.h:46:0,
from pg_rusage.c:16:
pg_rusage.c: In function ‘pg_rusage_show’:
../../../../src/include/c.h:1009:20: warning: ‘%02d’ directive output may be
truncated writing between 2 and 11 bytes into a region of size between 6 and 54
[-Wformat-truncation=]
#define gettext(x) (x)
^
../../../../src/include/c.h:1015:14: note: in expansion of macro ‘gettext’
#define _(x) gettext(x)
^~~~~~~
pg_rusage.c:64:5: note: in expansion of macro ‘_’
_("CPU: user: %d.%02d s, system: %d.%02d s, elapsed: %d.%02d s"),
^
pg_rusage.c:63:2: note: ‘snprintf’ output between 51 and 108 bytes into a
destination of size 100
snprintf(result, sizeof(result),
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_("CPU: user: %d.%02d s, system: %d.%02d s, elapsed: %d.%02d s"),
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(int) (ru1.ru.ru_utime.tv_sec - ru0->ru.ru_utime.tv_sec),
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(int) (ru1.ru.ru_utime.tv_usec - ru0->ru.ru_utime.tv_usec) / 10000,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(int) (ru1.ru.ru_stime.tv_sec - ru0->ru.ru_stime.tv_sec),
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(int) (ru1.ru.ru_stime.tv_usec - ru0->ru.ru_stime.tv_usec) / 10000,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(int) (ru1.tv.tv_sec - ru0->tv.tv_sec),
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(int) (ru1.tv.tv_usec - ru0->tv.tv_usec) / 10000);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<command-line>:0:0: note: this is the location of the previous definition
interval.c: In function ‘AppendSeconds’:
interval.c:759:22: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(cp, "%02d.%0*d", abs(sec), precision, (int) Abs(fsec));
^~~~
interval.c:759:16: note: assuming directive output of 11 bytes
sprintf(cp, "%02d.%0*d", abs(sec), precision, (int) Abs(fsec));
^~~~~~~~~~~
interval.c:761:20: warning: ‘%0*d’ directive output between 1 and 2147483648
bytes may exceed minimum required size of 4095 [-Wformat-overflow=]
sprintf(cp, "%d.%0*d", abs(sec), precision, (int) Abs(fsec));
^~~~
interval.c:761:16: note: assuming directive output of 11 bytes
sprintf(cp, "%d.%0*d", abs(sec), precision, (int) Abs(fsec));
^~~~~~~~~
