fortify: add even more warnings

Bug: 131861088
Test: mma
Change-Id: I557309b3e25b54321ee1fe0207f18b6e840bf76e
diff --git a/tests/Android.bp b/tests/Android.bp
index 97712d3..65c6035 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -284,6 +284,7 @@
     name: "bionic_clang_fortify_tests_w_flags",
     cflags: [
         "-Wno-builtin-memcpy-chk-size",
+        "-Wno-format-security",
         "-Wno-format-zero-length",
         "-Wno-memset-transposed-args",
         "-Wno-strlcpy-strlcat-size",
diff --git a/tests/clang_fortify_tests.cpp b/tests/clang_fortify_tests.cpp
index 8b90df4..e1ecfa5 100644
--- a/tests/clang_fortify_tests.cpp
+++ b/tests/clang_fortify_tests.cpp
@@ -55,6 +55,12 @@
 #define __clang_error_if(...)
 #undef __clang_warning_if
 #define __clang_warning_if(...)
+
+// SOMETIMES_CONST allows clang to emit eager diagnostics when we're doing compilation tests, but
+// blocks them otherwise. This is needed for diagnostics emitted with __enable_if.
+#define SOMETIMES_CONST volatile
+#else
+#define SOMETIMES_CONST const
 #endif
 
 #include <err.h>
@@ -484,17 +490,18 @@
 FORTIFY_TEST(stdio) {
   char small_buffer[8] = {};
   {
-#if 0
-    // expected-error@+1{{may overflow the destination buffer}}
-#endif
+    // expected-error@+1{{size is larger than the destination buffer}}
     EXPECT_FORTIFY_DEATH(snprintf(small_buffer, sizeof(small_buffer) + 1, ""));
 
     va_list va;
-#if 0
-    // expected-error@+1{{may overflow the destination buffer}}
-#endif
+    // expected-error@+2{{size is larger than the destination buffer}}
     // expected-warning@+1{{format string is empty}}
     EXPECT_FORTIFY_DEATH(vsnprintf(small_buffer, sizeof(small_buffer) + 1, "", va));
+
+    const char *SOMETIMES_CONST format_string = "aaaaaaaaa";
+
+    // expected-error@+1{{format string will always overflow}}
+    EXPECT_FORTIFY_DEATH(sprintf(small_buffer, format_string));
   }
 
   // expected-error@+1{{size should not be negative}}