fb50a1cca3a117bb964c43196671142484b13bf9 braney Fri Jun 12 12:10:47 2026 -0700 lib jkOwnLib hg/lib: fix warnings exposed by -O3 build At -O3 GCC does more inlining and interprocedural range analysis, which surfaces several warnings that -O -g never triggered. With -Werror these break the build, so fix them ahead of switching the default to -O3. - bamFile.c: move setenv() into the else of its NULL guard so it is not reachable with a NULL argument (-Wnonnull, seen via inlining of bamFetch). - basicBed.c, wormdna.c, bedDetail.c, customFactory.c, hdb.c, qaSeq.c: replace strncpy() with safecpy() where the result must be terminated (-Wstringop-truncation). - htmshell.c: use memcpy() for the intentional exact-length, non-terminated copy (-Wstringop-truncation). - obscure.c: compute the comma groups in sprintLongWithCommas() with % 1000 so the compiler can see each %03lld argument is bounded (-Wformat-overflow). - crudeali.c: do the endian type-pun through a union so strict-aliasing analysis no longer reports the value as uninitialized (-Wuninitialized). - jksql.c: wrap a possibly-NULL database name in naForNull() before passing it to %s (-Wformat-overflow). refs #37761 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> diff --git src/lib/htmshell.c src/lib/htmshell.c index 90547420d11..a49d33bbe2d 100644 --- src/lib/htmshell.c +++ src/lib/htmshell.c @@ -308,31 +308,31 @@ if (c == '<') { size = 4; newString = "<" ; } // '<' open of tag if (c == '/') { size = 6; newString = "/"; } // forward slash helps end an HTML entity if (c == '"') { size = 6; newString = """; } // double quote if (c == '\'') { size = 5; newString = "'" ; } // single quote if (out) { if (outSize > 0 && (total+size+1) > outSize) // 1 for terminator { *out = 0; return -1; } if (size == 1) *out++ = c; else { - strncpy(out, newString, size); + memcpy(out, newString, size); out += size; } } total += size; } while (c != 0); return total - 1; // do not count terminating 0 } int htmlEncodeTextSize(char *s) /* Returns what the encoded size will be after replacing characters with html codes or entities. */ { return htmlEncodeTextExtended(s, NULL, 0); }