[clang] [Clang][Sema] Add fortify warnings for stpcpy (PR #141646)

Sharjeel Khan via cfe-commits cfe-commits at lists.llvm.org
Tue May 27 10:56:52 PDT 2025 

https://github.com/Sharjeel-Khan created https://github.com/llvm/llvm-project/pull/141646

Android has local fortify warnings for functions not seen in LLVM. My plan is to upstream them all and I am starting with stpcpy.

>From 1213e3a40f566270f05086a17ba51289f1fd2c09 Mon Sep 17 00:00:00 2001
From: Sharjeel Khan <sharjeelkhan at google.com>
Date: Tue, 27 May 2025 17:50:31 +0000
Subject: [PATCH] [Clang][Sema] Add fortify warnings for stpcpy

Android has local fortify warnings for functions not seen in LLVM. My
plan is to upstream them all and I am starting with stpcpy.
---
 clang/lib/Sema/SemaChecking.cpp       | 3 +++
 clang/test/Sema/warn-fortify-source.c | 8 ++++++++
 2 files changed, 11 insertions(+)

diff --git a/clang/lib/Sema/SemaChecking.cpp b/clang/lib/Sema/SemaChecking.cpp
index 930e9083365a1..025592beff5b0 100644
--- a/clang/lib/Sema/SemaChecking.cpp
+++ b/clang/lib/Sema/SemaChecking.cpp
@@ -1257,6 +1257,8 @@ void Sema::checkFortifiedBuiltinMemoryFunction(FunctionDecl *FD,
   switch (BuiltinID) {
   default:
     return;
+  case Builtin::BI__builtin_stpcpy:
+  case Builtin::BIstpcpy:
   case Builtin::BI__builtin_strcpy:
   case Builtin::BIstrcpy: {
     DiagID = diag::warn_fortify_strlen_overflow;
@@ -1265,6 +1267,7 @@ void Sema::checkFortifiedBuiltinMemoryFunction(FunctionDecl *FD,
     break;
   }
 
+  case Builtin::BI__builtin___stpcpy_chk:
   case Builtin::BI__builtin___strcpy_chk: {
     DiagID = diag::warn_fortify_strlen_overflow;
     SourceSize = ComputeStrLenArgument(1);
diff --git a/clang/test/Sema/warn-fortify-source.c b/clang/test/Sema/warn-fortify-source.c
index a12460b963cd0..f48ea0907c657 100644
--- a/clang/test/Sema/warn-fortify-source.c
+++ b/clang/test/Sema/warn-fortify-source.c
@@ -71,6 +71,14 @@ void call_strcpy_nowarn(void) {
   __builtin_strcpy(dst, src);
 }
 
+void call_stpcpy(void) {
+  const char *const src = "abcd";
+  char dst1[5];
+  char dst2[4];
+  __builtin_stpcpy(dst1, src);
+  __builtin_stpcpy(dst2, src); // expected-warning {{'stpcpy' will always overflow; destination buffer has size 4, but the source string has length 5 (including NUL byte)}}
+}
+
 void call_memmove(void) {
   char s1[10], s2[20];
   __builtin_memmove(s2, s1, 20);

More information about the cfe-commits mailing list