On 11/20/2017 08:51 AM, Yao Qi wrote:
>
> Hi,
> I failed to compile GDB with GCC trunk (8.0.0 20171117) because of some
> -Werror=stringop-overflow= and -Werror=stringop-truncation warnings.
> Some of them are not necessary to me,

I have the attached patch for two of these but I have been waiting
to submit it until the latest GCC patch has been approved that
adjusts the checker a bit.

>
> 1. ../../binutils-gdb/gdb/python/py-gdb-readline.c:79:15: error: ‘char* strncpy(char*, const char*, size_t)’ output truncated before terminating nul copying as many bytes from a string as its length [-Werror=stringop-truncation]
>        strncpy (q, p, n);
>        ~~~~~~~~^~~~~~~~~
> ../../binutils-gdb/gdb/python/py-gdb-readline.c:73:14: note: length computed here
>    n = strlen (p);
>        ~~~~~~~^~~
>
> the code is simple,
>
>   n = strlen (p);
>
>   /* Copy the line to Python and return. */
>   q = (char *) PyMem_RawMalloc (n + 2);
>   if (q != NULL)
>     {
>       strncpy (q, p, n);
>       q[n] = '\n';
>       q[n + 1] = '\0';
>     }
>
> I don't see the point of warning here.

The overall purpose of the warning is to help find likely misuses
of strncpy and strncat.  As with any warning that's based on intent,
it cannot avoid highlighting some safe uses, or missing some unsafe
ones.

The case above is based on a heuristic designed to find bugs where
the bound depends on the length of the source rather than the size
of the destination, as in:

   strncpy (d, s, strlen (s));

This is, unfortunately, a common misuse/mistake.  It's often seen
in legacy code that's being updated in response to a security
mandate to replace strcpy with strncpy.

The GDB use case, although safe, is also not how the function is
intended to be used.  The intended use is to specify the size of
the destination, typically a statically allocated array, and have
the function fill it with data (not necessarily a string, and not
necessarily containing a terminating nul).  When the array is
allocated dynamically and sized to store the entire string it's
preferable to use some other function (e.g., memcpy or strcpy).

>
> 2. ../../binutils-gdb/gdb/cp-namespace.c:1071:11: error: ‘char* strncpy(char*, const char*, size_t)’ output truncated before terminating nul copying 2 bytes from a string of the same length [-Werror=stringop-truncation]
>    strncpy (full_name + scope_length, "::", 2);
>    ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>   full_name = (char *) alloca (scope_length + 2 + strlen (name) + 1);
>   strncpy (full_name, scope, scope_length);
>   strncpy (full_name + scope_length, "::", 2);

This is safe, although also not the intended use of the function.
The call above can be replaced either by memcpy or strcpy.  There
also is no good way to avoid warning on it without compromising
the efficacy of the checker.

>   strcpy (full_name + scope_length + 2, name);
>
> the code looks right to me,
>
> Likewise,
>
> ../../../binutils-gdb/gdb/gdbserver/remote-utils.c:1204:14: error: ‘char* strncpy(char*, const char*, size_t)’ output truncated before terminating nul copying 6 bytes from a string of the same length [-Werror=stringop-truncation]
>        strncpy (buf, "watch:", 6);
>        ~~~~~~~~^~~~~~~~~~~~~~~~~~
>
>   strncpy (buf, "watch:", 6);
>   buf += 6;
>   ....
>   *buf = '\0';

As above, memcpy or strcpy are the preferred alternatives.

Martin
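
The replacements discussed in the message above, written out as an added example that is not part of the original e-mail, the attached patch, or GDB's code. The function names are hypothetical, malloc stands in for PyMem_RawMalloc and alloca, and copy_bounded is an assumed helper showing a bound taken from the destination size rather than from strlen of the source.

```c
#include <stdlib.h>
#include <string.h>

/* py-gdb-readline.c pattern: the buffer is sized from strlen (p), so the
   length is already known and memcpy states the intent directly. */
char *line_with_newline(const char *p)
{
    size_t n = strlen(p);
    char *q = malloc(n + 2);      /* assumption: malloc for PyMem_RawMalloc */
    if (q != NULL) {
        memcpy(q, p, n);          /* was: strncpy (q, p, n) */
        q[n] = '\n';
        q[n + 1] = '\0';
    }
    return q;
}

/* cp-namespace.c pattern: first scope_length bytes of scope, "::", name. */
char *qualified_name(const char *scope, size_t scope_length, const char *name)
{
    size_t name_length = strlen(name);
    /* assumption: malloc instead of alloca so the result can be returned */
    char *full_name = malloc(scope_length + 2 + name_length + 1);
    if (full_name != NULL) {
        memcpy(full_name, scope, scope_length);
        memcpy(full_name + scope_length, "::", 2);   /* was: strncpy (..., 2) */
        /* name_length + 1 copies the terminating nul as well */
        memcpy(full_name + scope_length + 2, name, name_length + 1);
    }
    return full_name;
}

/* Fixed-size destination: the bound is the size of the destination, never
   strlen (src). Always nul-terminates; returns 1 when src did not fit. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t n = strlen(src);
    if (dst_size == 0)
        return 1;                 /* no room even for the terminator */
    int truncated = n >= dst_size;
    if (truncated)
        n = dst_size - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return truncated;
}
```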