git.ipfire.org Git - thirdparty/gcc.git/commit
analyzer: fix false +ve buffer overflow on sprintf [PR117369]
author David Malcolm <dmalcolm@redhat.com>
Thu, 12 Feb 2026 01:49:44 +0000 (20:49 -0500)
committer David Malcolm <dmalcolm@redhat.com>
Thu, 12 Feb 2026 01:49:44 +0000 (20:49 -0500)
commit 29ad594504dcc1fa736d7305e5a853c08e4e4180
tree 9aabac9b60337a30fbbcaf6c5284afa6bb2ad16c
parent 5406e3529a24cb2d61180335991cf8528f09538c
analyzer: fix false +ve buffer overflow on sprintf [PR117369]

gcc/analyzer/ChangeLog:
PR analyzer/117369
* kf.cc (kf_sprintf::impl_call_pre): Use the capacity of the
region when "faking" a write to the destination buffer, to
avoid buffer overflow false +ves.

gcc/testsuite/ChangeLog:
PR analyzer/117369
* c-c++-common/analyzer/sprintf-pr117369.c: New test.
* gcc.dg/analyzer/doom-d_main-IdentifyVersion.c: Update expected
results to reflect complexity limits being hit earlier.

Signed-off-by: David Malcolm <dmalcolm@redhat.com>
gcc/analyzer/kf.cc
gcc/testsuite/c-c++-common/analyzer/sprintf-pr117369.c [new file with mode: 0644]
gcc/testsuite/gcc.dg/analyzer/doom-d_main-IdentifyVersion.c