mis-sized arguments in printf family results in format specifier corruption

[liquidaty]

If a 64-bit int variable is passed to a %d specifier, the format specifier may in certain cases get corrupted. In the below example, the specifier snippet %04d-%02d-%02d effectively gets corrupted into %04d-%04d-%02d, when preceded by %s where the argument corresponding to the first %04d is oversized.

Not sure this is a bug given that it only occurs when a mis-sized argument is passed, but it seems that error should not corrupt the specifier and could indicate some operation that should be bounded but isn't.

Version of emscripten/emsdk:
emcc (Emscripten gcc/clang-like replacement + linker emulating GNU ld) 3.1.20 (5d878c9)
clang version 16.0.0 (https://github.com/llvm/llvm-project 75767a0f9a926641edbef08e31ec2148ff45da67)
Target: wasm32-unknown-emscripten
Thread model: posix
InstalledDir: /Users/matt/install/emsdk/upstream/bin

To reproduce:

#include <stdio.h>
#include <stdint.h>

int main(int argc, char* argv[]) {
  int64_t y = 2023;
  int m = 3;
  int d = 31;

  fprintf(stderr, "correct: %04d-%02d-%02d\n", (int)y, m, d);
  fprintf(stderr, "incorrect, but expected: %04d-%02d-%02d\n", y, m, d);
  fprintf(stderr, "%s: %04d-%02d-%02d\n", "actual", y, m, d);

  return 0;
}

> gcc44 -m32 main.c && ./a.out
correct: 2023-03-31
incorrect, but expected: 2023-00-03
actual: 2023-00-03

> emcc main.c && node a.out.js
# ... 2 warnings generated.

correct: 2023-03-31
incorrect, but expected: 2023-00-03
actual: 0000-2023-00

[sbc100]

This might be an issue with musl's implementation of printf. Is there some way you could try running the same code on a musl-libc based desktop linux system (e.g. alpine linux)? If it happens the same there then we would know its an upstream musl issue. Not sure how serious it is..