1 // RUN: %clang_cc1 -Wstrncat-size -verify -fsyntax-only %s 2 // RUN: %clang_cc1 -DUSE_BUILTINS -Wstrncat-size -verify -fsyntax-only %s 3 // RUN: %clang_cc1 -fsyntax-only -Wstrncat-size -fixit -x c %s 4 // RUN: %clang_cc1 -DUSE_BUILTINS -fsyntax-only -Wstrncat-size -fixit -x c %s 5 6 typedef __SIZE_TYPE__ size_t; 7 size_t strlen (const char *s); 8 9 #ifdef USE_BUILTINS 10 # define BUILTIN(f) __builtin_ ## f 11 #else 12 # define BUILTIN(f) f 13 #endif 14 15 #define strncat BUILTIN(strncat) 16 char *strncat(char *restrict s1, const char *restrict s2, size_t n); 17 18 struct { 19 char f1[100]; 20 char f2[100][3]; 21 } s4, **s5; 22 23 char s1[100]; 24 char s2[200]; 25 int x; 26 27 void test(char *src) { 28 char dest[10]; 29 30 strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(dest) - strlen(dest) - 1); // no-warning 31 strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(dest) - 1); // no-warning - the code might assume that dest is empty 32 33 strncat(dest, src, sizeof(src)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 34 35 strncat(dest, src, sizeof(src) - 1); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 36 37 strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(dest)); // expected-warning{{the value of the size argument in 'strncat' is too large, might lead to a buffer overflow}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 38 39 strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(dest) - strlen(dest)); // expected-warning{{the value of the size argument in 'strncat' is too large, might lead to a buffer overflow}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 40 41 strncat((*s5)->f2[x], s2, sizeof(s2)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 42 strncat(s1+3, s2, sizeof(s2)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} 43 strncat(s4.f1, s2, sizeof(s2)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 44 } 45 46 // Don't issue FIXIT for flexible arrays. 47 struct S { 48 int y; 49 char x[]; 50 }; 51 52 void flexible_arrays(struct S *s) { 53 char str[] = "hi"; 54 strncat(s->x, str, sizeof(str)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} 55 } 56 57 // Don't issue FIXIT for destinations of size 1. 58 void size_1() { 59 char z[1]; 60 char str[] = "hi"; 61 62 strncat(z, str, sizeof(z)); // expected-warning{{the value of the size argument to 'strncat' is wrong}} 63 } 64 65 // Support VLAs. 66 void vlas(int size) { 67 char z[size]; 68 char str[] = "hi"; 69 70 strncat(z, str, sizeof(str)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 71 } 72 73 // Non-array type gets a different error message. 74 void f(char* s, char* d) { 75 strncat(d, s, sizeof(d)); // expected-warning {{the value of the size argument to 'strncat' is wrong}} 76 } 77