@alejandro-colomar alejandro-colomar commented Dec 5, 2025

Enable some errors


Revisions:

v1b
  • Rebase
$ git rd 
1:  e2b8dea92 = 1:  914cc281d autogen.sh: Enable -Werror=stringop-* diagnostics
2:  6afa1de54 = 2:  54a9b2f25 tests/unit/test_strncpy.c: Remove strncpy_a() tests
v1c
  • Rebase
$ git rd 
1:  914cc281d = 1:  d80d40e9b autogen.sh: Enable -Werror=stringop-* diagnostics
2:  54a9b2f25 = 2:  5284b6830 tests/unit/test_strncpy.c: Remove strncpy_a() tests

@alejandro-colomar
Collaborator Author

The opensuse CI is consistently failing, but it seems to be a spurious error.

We can't enable -Wstringop-overread because it has bogus diagnostics
with legitimate strncat(3) calls.

Link: <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=123024>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

It's just the obvious thin wrapper around strncpy(3); let's trust it's
ok.

The reason for removing this test is that GCC has bogus diagnostics
for strncpy(3).  Its diagnostics are geared towards helping people
that abuse strncpy(3) as a poor-man's strlcpy(3) not write exploitable
code as easily.  Using strncpy(3) for that purpose is brain damaged, and
those programs should be audited to stop using this API for that.  And
most importantly, GCC should stop encouraging writing bad code that
calls strncpy(3) as that results in diagnostics that are actively
harmful for us, legitimate users of strncpy(3).  Those false positives
should certainly be out of -Wall.

We could fill the tests with pragmas, but let's just remove the tests.
I don't feel like maintaining code for ignoring GCC's brain bamage.

If people want to write a function for truncating strings (because they
can't rely on strlcpy(3) being available, or because they don't like
it), they certainly should write such an API.  strncpy(3) isn't that
API.  strncpy(3) is a function that takes a string and writes it into a
utmpx(5) member, which is NOT a string.  (And I heard it might also be
useful for implementing tar(1), which also uses non-terminated character
arrays, but I never looked at that code.)

Link: <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=122963>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
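
The distinction drawn in the commit message above, as an added example (not code from this pull request or its project): strncpy(3) writes a string into a fixed-width, null-padded field of the kind utmpx(5) uses, and strncat(3) reads it back into a real string. `struct rec`, `USER_SIZE`, `NONSTRING` and the `rec_*` helpers are hypothetical names, and the 8-byte width is constructed.

```c
#include <stdio.h>
#include <string.h>

#if defined(__GNUC__) && !defined(__clang__)
# define NONSTRING __attribute__((nonstring))  /* GCC: array is not a string */
#else
# define NONSTRING
#endif
#define USER_SIZE 8  /* constructed width, not the real ut_user size */

/* Hypothetical record with a fixed-width, null-padded field. */
struct rec { char user[USER_SIZE] NONSTRING; };

/* strncpy(3) fills the field: null-pads the tail, and writes no terminator
 * when the name is USER_SIZE bytes or longer.  Returns -1 on truncation. */
int rec_set_user(struct rec *r, const char *name)
{
    strncpy(r->user, name, sizeof(r->user));
    return strlen(name) > sizeof(r->user) ? -1 : 0;
}

/* strncat(3) turns the field back into a string: it reads at most
 * sizeof(r->user) bytes and always terminates dst. */
const char *rec_get_user(const struct rec *r, char dst[USER_SIZE + 1])
{
    dst[0] = '\0';
    return strncat(dst, r->user, sizeof(r->user));
}

/* Number of null padding bytes after the name; stale bytes would not count. */
size_t rec_user_padding(const struct rec *r)
{
    const char *end = memchr(r->user, '\0', sizeof(r->user));
    size_t pad = 0;
    for (const char *p = end; p && p < r->user + sizeof(r->user); p++)
        pad += (*p == '\0');
    return pad;
}

int main(void)
{
    struct rec r;
    char buf[USER_SIZE + 1];
    memset(&r, 'X', sizeof(r));       /* simulate stale data in the record */
    rec_set_user(&r, "alx");
    printf("%s pad=%zu\n", rec_get_user(&r, buf), rec_user_padding(&r));
    rec_set_user(&r, "12345678");     /* exactly fills the field */
    printf("%s pad=%zu\n", rec_get_user(&r, buf), rec_user_padding(&r));
    return 0;
}
```

The reader's buffer is one byte larger than the field because the field itself carries no terminator when the name fills it.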