www.delorie.com/archives/browse.cgi   search  
Mail Archives: djgpp-workers/2017/05/04/10:24:27

X-Authentication-Warning: delorie.com: mail set sender to djgpp-workers-bounces using -f
X-Recipient: djgpp-workers AT delorie DOT com
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level:
X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20,RP_MATCHES_RCVD
autolearn=disabled version=3.3.2
Date: Thu, 04 May 2017 17:23:58 +0300
Message-Id: <83a86shf9d.fsf@gnu.org>
From: "Eli Zaretskii (eliz AT gnu DOT org) [via djgpp-workers AT delorie DOT com]" <djgpp-workers AT delorie DOT com>
To: djgpp-workers AT delorie DOT com
In-reply-to: <590A6154.8010308@gmx.de> (djgpp-workers@delorie.com)
Subject: Re: gcc-7.1.0
References: <6953e282-24aa-2b4e-2141-385d8b443111 AT iki DOT fi> <590A6154 DOT 8010308 AT gmx DOT de>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
Reply-To: djgpp-workers AT delorie DOT com
Errors-To: nobody AT delorie DOT com
X-Mailing-List: djgpp-workers AT delorie DOT com
X-Unsubscribes-To: listserv AT delorie DOT com 

> Date: Thu, 04 May 2017 01:01:40 +0200
> From: "Juan Manuel Guerrero (juan DOT guerrero AT gmx DOT de) [via djgpp-workers AT delorie DOT com]" <djgpp-workers AT delorie DOT com>
> 
> gcc ... -c dosexec.c
> dosexec.c: In function 'direct_exec_tail':
> dosexec.c:409:19: warning: '%04lX' directive writing between 4 and 7 bytes into a region of size 5 [-Wformat-overflow=]
>       sprintf (t2, "%04lX", tbuf_beg>>4);
>                     ^~~~~
> dosexec.c:409:18: note: directive argument in the range [0, 268435455]
>       sprintf (t2, "%04lX", tbuf_beg>>4);
>                    ^~~~~~~
> dosexec.c:409:5: note: 'sprintf' output between 5 and 8 bytes into a destination of size 5
>       sprintf (t2, "%04lX", tbuf_beg>>4);
>       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> dosexec.c: In function 'go32_exec':
> dosexec.c:1109:50: warning: '%04x' directive writing 4 bytes into a region of size between 3 and 13 [-Wformat-overflow=]
>     sprintf(proxy_cmdline, "%s=%04x %04x %04x %04x %04x",
>                                                    ^~~~
> dosexec.c:1109:26: note: directive argument in the range [0, 65535]
>     sprintf(proxy_cmdline, "%s=%04x %04x %04x %04x %04x",
>                            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> dosexec.c:1109:3: note: 'sprintf' output 26 or more bytes (assuming 36) into a destination of size 34
>     sprintf(proxy_cmdline, "%s=%04x %04x %04x %04x %04x",
>     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>       __PROXY, argc,
>       ~~~~~~~~~~~~~~
>      (unsigned)(tbuf_beg >> 4), rm_off & 0xffff,
>      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>      (unsigned)(tbuf_beg >> 4), si_off & 0xffff);
>      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

It's probably best to tweak the code to make sure the buffer overruns
cannot happen.

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019