mirror/glibc
2
0
Fork 0
mirror of git://sourceware.org/git/glibc.git synced 2025-01-18 12:16:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

stdio-common: Suppress Clang warnings on scanf13.c with fortify enable

Browse Source 
clang-19 shows:

scanf13.c:28:40: error: 'sscanf' may overflow; destination buffer in argument 4 has size 8, but the corresponding specifier may require size 11 [-Werror,-Wfortify-source]
   28 |               "A%ms%10ms%4m[bcd]%4mcB", &sp1, &sp2, &sp3, &sp4) != 4)
      |                                               ^
scanf13.c:94:34: error: 'sscanf' may overflow; destination buffer in argument 3 has size 8, but the corresponding specifier may require size 2049 [-Werror,-Wfortify-source]
   94 |   if (sscanf (buf, "%2048ms%mc", &sp3, &sp4) != 2)
      |                                  ^
scanf13.c:110:61: error: 'sscanf' may overflow; destination buffer in argument 4 has size 8, but the corresponding specifier may require size 1501 [-Werror,-Wfortify-source]
  110 |   if (sscanf (buf, "%4mc%1500m[dr/]%548m[abc/d]%3mc", &sp1, &sp2, &sp3, &sp4)
      |                                                             ^
scanf13.c:110:67: error: 'sscanf' may overflow; destination buffer in argument 5 has size 8, but the corresponding specifier may require size 549 [-Werror,-Wfortify-source]
  110 |   if (sscanf (buf, "%4mc%1500m[dr/]%548m[abc/d]%3mc", &sp1, &sp2, &sp3, &sp4)

clang does have some support to handle 'm' prefix for -Wformat; but it
lacks support for -Wfortify to understand that it is up to libc to
allocate the memory, and uses the pointer size instead to calculate
validity.
This commit is contained in:
Adhemerval Zanella 2025-01-10 14:06:06 -03:00
parent 6a498d780e
commit e59bdf63cb
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
stdio-common/scanf13.c
View File

@ -24,6 +24,7 @@ main (void)
DIAG_PUSH_NEEDS_COMMENT_CLANG;
DIAG_IGNORE_NEEDS_COMMENT_CLANG (13, "-Wformat-invalid-specifier");
DIAG_IGNORE_NEEDS_COMMENT_CLANG (13, "-Wformat-extra-args");
DIAG_IGNORE_NEEDS_COMMENT_CLANG (13, "-Wfortify-source");
if (sscanf ("A \xc3\x84-\t\t\xc3\x84-abcdefbcd\t\xc3\x84-B",
"A%ms%10ms%4m[bcd]%4mcB", &sp1, &sp2, &sp3, &sp4) != 4)
FAIL ();
@ -91,6 +92,8 @@ main (void)
FAIL ();
free (sp2);
}
DIAG_PUSH_NEEDS_COMMENT_CLANG;
DIAG_IGNORE_NEEDS_COMMENT_CLANG (13, "-Wfortify-source");
if (sscanf (buf, "%2048ms%mc", &sp3, &sp4) != 2)
FAIL ();
else
@ -131,6 +134,7 @@ main (void)
FAIL ();
free (sp4);
}
DIAG_POP_NEEDS_COMMENT_CLANG;
if (sscanf (buf, "%mS%mC", &lsp1, &lsp2) != 2)
FAIL ();
else
@ -150,6 +154,7 @@ main (void)
DIAG_PUSH_NEEDS_COMMENT_CLANG;
DIAG_IGNORE_NEEDS_COMMENT_CLANG (13, "-Wformat-invalid-specifier");
DIAG_IGNORE_NEEDS_COMMENT_CLANG (13, "-Wformat-extra-args");
DIAG_IGNORE_NEEDS_COMMENT_CLANG (13, "-Wfortify-source");
if (sscanf (buf, "%2048mls%mlc", &lsp3, &lsp4) != 2)
FAIL ();
else