bug#42656: term.c:1405:25: warning: ‘%d’ directive writing between 2 and 10 bytes into a region of size 3

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

bug#42656: term.c:1405:25: warning: ‘%d’ directive writing between 2 and 10 bytes into a region of size 3

Jeffrey Walton-3
I think this can be cleared by clamping the argument.

term.c: In function ‘term_get_fkeys_1’:
term.c:1405:25: warning: ‘%d’ directive writing between 2 and 10 bytes
into a region of size 3 [-Wformat-overflow=]
        sprintf (fkey, "f%d", i);
                         ^~
term.c:1405:23: note: directive argument in the range [11, 2147483646]
        sprintf (fkey, "f%d", i);
                       ^~~~~
In file included from /usr/include/stdio.h:862:0,
                 from ../lib/stdio.h:43,
                 from termchar.h:22,
                 from term.c:31:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:33:10: note:
‘__builtin___sprintf_chk’ output between 4 and 12 bytes into a
destination of size 4
   return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,



Reply | Threaded
Open this post in threaded view
|

bug#42656: term.c:1405:25: warning: ‘%d’ directive writing between 2 and 10 bytes into a region of size 3

Andreas Schwab-2
On Aug 01 2020, Jeffrey Walton wrote:

> term.c:1405:23: note: directive argument in the range [11, 2147483646]
>         sprintf (fkey, "f%d", i);
>                        ^~~~~

That's clearly a compiler bug.  The loop counts i from 11 to 64, so
2147483646 can never happen.

Andreas.

--
Andreas Schwab, [hidden email]
GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510  2552 DF73 E780 A9DA AEC1
"And now for something completely different."



Reply | Threaded
Open this post in threaded view
|

bug#42656: term.c:1405:25: warning: ‘%d’ directive writing between 2 and 10 bytes into a region of size 3

Lars Ingebrigtsen
Andreas Schwab <[hidden email]> writes:

> On Aug 01 2020, Jeffrey Walton wrote:
>
>> term.c:1405:23: note: directive argument in the range [11, 2147483646]
>>         sprintf (fkey, "f%d", i);
>>                        ^~~~~
>
> That's clearly a compiler bug.  The loop counts i from 11 to 64, so
> 2147483646 can never happen.

Yeah, that clearly seems like a compiler bug?  What compiler are you
using?

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no