[Bug 3809] New: snprintf const char *fmt detection false negatives with Clang and _FORTIFY_SOURCE=2

[bugzilla-daemon at mindrot.org]

https://bugzilla.mindrot.org/show_bug.cgi?id=3809

            Bug ID: 3809
           Summary: snprintf const char *fmt detection false negatives
                    with Clang and _FORTIFY_SOURCE=2
           Product: Portable OpenSSH
           Version: -current
          Hardware: amd64
                OS: FreeBSD
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Build system
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jlduran at gmail.com

Created attachment 3869
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3869&action=edit
const/no const detection program

The snippet (attached conftest.c) used to detect whether a system can
declare [v]snprintf() const char *fmt incorrectly fails to detect it on
FreeBSD if compiled with Clang and with _FORTIFY_SOURCE=2 (NetBSD and
macOS might fail as well, but are probably using gcc) :

$ cc -D_FORTIFY_SOURCE=2 conftest.c
conftest.c:2:5: error: expected identifier or '('
    2 | int snprintf(char *a, size_t b, const char *c, ...) { return 0;
}
      |     ^
/usr/include/ssp/stdio.h:88:33: note: expanded from macro 'snprintf'
   88 | #define snprintf(str, len, ...) __extension__ ({        \
      |                                 ^
1 error generated.

A workaround is attached that un-defines source fortifications for the
detection script (unsure if this is the best approach).

-- 
You are receiving this mail because:
You are watching the assignee of the bug.