From: Darrick J. Wong <djwong@xxxxxxxxxx> gcc 12.2 with ubsan and fortify turned on complains about this: In file included from /usr/include/stdio.h:906, from ../include/platform_defs.h:9, from ../include/libxfs.h:16, from progress.c:3: In function ‘sprintf’, inlined from ‘duration’ at progress.c:443:4: /usr/include/x86_64-linux-gnu/bits/stdio2.h:30:10: error: null destination pointer [-Werror=format-overflow=] 30 | return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 31 | __glibc_objsize (__s), __fmt, | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 32 | __va_arg_pack ()); | ~~~~~~~~~~~~~~~~~ I think this is a false negative since all callers are careful not to pass in a null pointer. Unfortunately the compiler cannot detect that since this isn't a static function and complains. Fix this by adding an explicit null check. Signed-off-by: Darrick J. Wong <djwong@xxxxxxxxxx> --- repair/progress.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/repair/progress.c b/repair/progress.c index 084afa63c121..e13494e0ed23 100644 --- a/repair/progress.c +++ b/repair/progress.c @@ -435,6 +435,9 @@ duration(time_t length, char *buf) int seconds; char temp[128]; + if (!buf) + return NULL; + *buf = '\0'; weeks = days = hours = minutes = seconds = sum = 0; if (length >= ONEWEEK) {