[clang] [Clang][Sema] Add fortify warnings for strcat (PR #168965)
via cfe-commits
cfe-commits at lists.llvm.org
Thu Nov 20 14:46:08 PST 2025
https://github.com/venk-ks updated https://github.com/llvm/llvm-project/pull/168965
>From e87a76909a05e83a653281f6142b4d01667adad0 Mon Sep 17 00:00:00 2001
From: Venkatesh Srinivasan <venk at google.com>
Date: Thu, 20 Nov 2025 22:12:18 +0000
Subject: [PATCH] [Clang][Sema] Add fortify warnings for strcat
---
clang/lib/Sema/SemaChecking.cpp | 3 +++
clang/test/Sema/warn-fortify-source.c | 8 ++++++++
2 files changed, 11 insertions(+)
diff --git a/clang/lib/Sema/SemaChecking.cpp b/clang/lib/Sema/SemaChecking.cpp
index 3e1edc4548034..f4e58de91286b 100644
--- a/clang/lib/Sema/SemaChecking.cpp
+++ b/clang/lib/Sema/SemaChecking.cpp
@@ -1263,6 +1263,8 @@ void Sema::checkFortifiedBuiltinMemoryFunction(FunctionDecl *FD,
switch (BuiltinID) {
default:
return;
+ case Builtin::BI__builtin_strcat:
+ case Builtin::BIstrcat:
case Builtin::BI__builtin_stpcpy:
case Builtin::BIstpcpy:
case Builtin::BI__builtin_strcpy:
@@ -1273,6 +1275,7 @@ void Sema::checkFortifiedBuiltinMemoryFunction(FunctionDecl *FD,
break;
}
+ case Builtin::BI__builtin___strcat_chk:
case Builtin::BI__builtin___stpcpy_chk:
case Builtin::BI__builtin___strcpy_chk: {
DiagID = diag::warn_fortify_strlen_overflow;
diff --git a/clang/test/Sema/warn-fortify-source.c b/clang/test/Sema/warn-fortify-source.c
index 216878c0836d8..750bd5361ade9 100644
--- a/clang/test/Sema/warn-fortify-source.c
+++ b/clang/test/Sema/warn-fortify-source.c
@@ -76,6 +76,14 @@ void call_strcpy_nowarn(void) {
__builtin_strcpy(dst, src);
}
+void call_strcat(void) {
+ const char *const src = "abcd";
+ char dst1[5];
+ char dst2[4];
+ __builtin_strcat(dst1, src);
+ __builtin_strcat(dst2, src); // expected-warning {{'strcat' will always overflow; destination buffer has size 4, but the source string has length 5 (including NUL byte)}}
+}
+
void call_stpcpy(void) {
const char *const src = "abcd";
char dst1[5];
More information about the cfe-commits
mailing list