[Bug 3809] snprintf const char *fmt detection false negatives with Clang and _FORTIFY_SOURCE=2
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Apr 15 22:43:41 AEST 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3809
--- Comment #4 from Jose Luis Duran <jlduran at gmail.com> ---
(In reply to Darren Tucker from comment #3)
> Which version of FreeBSD are you seeing this on? I can't reproduce
> the problem on 14.2, either with the standalone test or configure:
>
> $ uname -a
> FreeBSD fbsd14 14.2-RELEASE-p1 FreeBSD 14.2-RELEASE-p1 GENERIC amd64
Sorry, yes, source fortification is only available on FreeBSD 15.0
(-CURRENT).
> $ clang -D_FORTIFY_SOURCE=2 conftest.c
$ cc -v
FreeBSD clang version 19.1.7 (https://github.com/llvm/llvm-project.git
llvmorg-19.1.7-0-gcd708029e0b2)
Target: x86_64-unknown-freebsd15.0
Thread model: posix
InstalledDir: /usr/bin
Build config: +assertions
> $ ./configure --with-cflags=-D_FORTIFY_SOURCE=2 2>&1 | grep snprintf
> checking for snprintf... yes
> checking for vsnprintf... yes
> checking whether snprintf correctly terminates long strings... yes
> checking whether snprintf understands %zu... yes
> checking whether vsnprintf returns correct values on overflow... yes
> checking whether snprintf can declare const char *fmt... yes
$ ./configure --with-cflags=-D_FORTIFY_SOURCE=2 2>&1 | grep snprintf
checking for snprintf... yes
checking for vsnprintf... yes
checking whether snprintf correctly terminates long strings... no
configure: WARNING: ****** Your snprintf() function is broken, complain
to your vendor
checking whether snprintf understands %zu... no
checking whether vsnprintf returns correct values on overflow... yes
checking whether snprintf can declare const char *fmt... no
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list