avoid bogus format-overflow error

Seen on x86_64-linux Ubuntu 24.04.2 using gcc-13.3.0 with
CFLAGS="-m32 -g -O2 -fsanitize=address,undefined"

In function ‘sprintf’,
    inlined from ‘s_mri_for’ at gas/config/tc-m68k.c:6941:5:
/usr/include/bits/stdio2.h:30:10: error: null destination pointer [-Werror=format-overflow=]
   30 |   return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   31 |                                   __glibc_objsize (__s), __fmt,
      |                                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   32 |                                   __va_arg_pack ());
      |                                   ~~~~~~~~~~~~~~~~~

Rewrite the code without sprintf, as in other parts of s_mri_for.
See also commit 760fb390fd4c and following commits.

Note that adding -D_FORTIFY_SOURCE=0 to CFLAGS (which is a good idea
when building with sanitizers) merely transforms the sprintf_chk error
here into one regarding plain sprintf.

diff --git a/gas/config/tc-m68k.c b/gas/config/tc-m68k.c
index 0f36741fec12feeb53effcfd1f357f6ec618d778..46b26d4f38aaa78d78c076f9a5ee19a7b28881f3 100644 (file)
--- a/gas/config/tc-m68k.c
+++ b/gas/config/tc-m68k.c
@@ -6754,7 +6754,6 @@ s_mri_for (int qual)
   struct mri_control_info *n;
   char *buf;
   char *s;
-  char ex[2];
 
   /* The syntax is
        FOR.q var = init { TO | DOWNTO } end [ BY by ] DO.e
@@ -6935,12 +6934,14 @@ s_mri_for (int qual)
   mri_assemble (buf);
 
   /* bcc bottom.  */
-  ex[0] = TOLOWER (extent);
-  ex[1] = '\0';
-  if (up)
-    sprintf (buf, "blt%s %s", ex, n->bottom);
-  else
-    sprintf (buf, "bgt%s %s", ex, n->bottom);
+  s = buf;
+  *s++ = 'b';
+  *s++ = up ? 'l' : 'g';
+  *s++ = 't';
+  if (extent != '\0')
+    *s++ = TOLOWER (extent);
+  *s++ = ' ';
+  strcpy (s, n->bottom);
   mri_assemble (buf);
 
   /* Put together the add or sub instruction used by ENDF.  */