[Bug 3809] snprintf const char *fmt detection false negatives with Clang and _FORTIFY_SOURCE=2
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Apr 15 23:15:25 AEST 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3809
--- Comment #5 from Jose Luis Duran <jlduran at gmail.com> ---
(In reply to Jose Luis Duran from comment #4)
> $ ./configure --with-cflags=-D_FORTIFY_SOURCE=2 2>&1 | grep snprintf
> checking for snprintf... yes
> checking for vsnprintf... yes
> checking whether snprintf correctly terminates long strings... no
> configure: WARNING: ****** Your snprintf() function is broken,
> complain to your vendor
> checking whether snprintf understands %zu... no
> checking whether vsnprintf returns correct values on overflow... yes
> checking whether snprintf can declare const char *fmt... no
That last check should have been:
$ ./configure --with-cflags=-D_FORTIFY_SOURCE=2 2>&1 | grep snprintf
checking for snprintf... yes
checking for vsnprintf... yes
checking whether snprintf correctly terminates long strings... yes
checking whether snprintf understands %zu... yes
checking whether vsnprintf returns correct values on overflow... yes
checking whether snprintf can declare const char *fmt... no
Same for NetBSD (FreeBSD's upstream for source fortification), using
CC=clang.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list