0

I get this warnings while compiling a 'C' language file.

In function ‘strncat’,inlined from ‘O281DC3F563F92003x’ at util.c:817:13:
/usr/arm-linux-gnueabihf/include/bits/string3.h:152:3: warning: call to 
__builtin___strncat_chk might overflow destination buffer [enabled by 
default]

In function ‘strncat’,inlined from ‘UFE191C0002FB606Eb’ at util.c:3231:25:
/usr/arm-linux-gnueabihf/include/bits/string3.h:152:3: warning: call to 
__builtin___strncat_chk might overflow destination buffer [enabled by 
default]

In function ‘strncat’,

How can I remove these warnings?

Klaus Gütter
  • 11,151
  • 6
  • 31
  • 36
Ashish Durgapal
  • 39
  • 7
  • Please read about how to create an MCVE ([MCVE]). You definitely don't want to show 3,000+ lines of code. Reduce the code down to a bare minimum. You'll find that something is being copied into a string and the length is specified wrong. You work out how it should be called. One wrong way to use `strncpy()` is: `strncpy(target, source, sizeof(source));` — the size should be the size of the target, hence `strncpy(target, source, sizeof(target));`. Remember, `strncpy()` does not guarantee null termination. – Jonathan Leffler Jan 04 '19 at 12:01

1 Answers1

0

As mention in this answer, you can replace easily the usage of strncat with snprintf which takes in argument the site of the buffer and makes it safe to use.

strncat example:

#define BUF_SIZE 32
char buf[BUF_SIZE];

strncpy(buf, "foo", sizeof(buf) -1);
strncat(buf, "bar", sizeof(buf) - strlen(buf) -1);

Safer snprintf example:

#define BUF_SIZE 32
char buf[BUF_SIZE];

snprintf(buf, sizeof(buf), "%s%s", "foo", "bar");

The downside of this method is that you have to use an intermediate buffer if you actually want to concatenate as:

snprintf(buf, sizeof(buf), "%s%s", buf, "bar");

results in undefined behavior.

Puck
  • 2,080
  • 4
  • 19
  • 30