bug-gnulib

nstrftime.c fails to build due to memset overflow


From: Marcus Müller
Subject: nstrftime.c fails to build due to memset overflow
Date: Tue, 14 Mar 2023 14:55:43 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0

Dear Gnulib community,

On Linux, x86_64, Fedora 37, I ran, on today's coreutils' HEAD (e68b15), which 
submodule-includes gnulib f17d3977:

CFLAGS=-Wno-deprecated-declarations ./configure

(as that CFLAGS is necessary, otherwise sha will fail to build due to using 
deprecated functionality; no big issue).
However, building coreutils fails in gnulib and that does seem to be a 
significant bug:

make -j8 fails with

lib/nstrftime.c: In function '__strftime_internal':
lib/nstrftime.c:147:31: error: 'memset' specified size 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Werror=stringop-overflow=]
  147 | # define memset_zero(P, Len) (memset (P, '0', Len), (P) += (Len))
      |                               ^~~~~~~~~~~~~~~~~~~~
lib/nstrftime.c:174:17: note: in expansion of macro 'memset_zero'
  174 |                 memset_zero (p, _delta);                                \
      |                 ^~~~~~~~~~~
lib/nstrftime.c:188:31: note: in expansion of macro 'width_add'
  188 | # define width_add1(width, c) width_add (width, 1, *p = c)
      |                               ^~~~~~~~~
lib/nstrftime.c:1047:17: note: in expansion of macro 'width_add1'
 1047 |                 width_add1 (0, sign_char);
      |                 ^~~~~~~~~~


Now, 18446744073709551615 + 1 happens to be 2⁶⁴; so we're actually trying to 
`memset(P, '0', -1)` here.

I'm actually having a hard time debugging this, as, to be completely honest, 
I'm not sure how `_delta` ends up being -1:
    if (_n < _w) {
      size_t _delta = _w - _n;
…
But it does!

But then again, I'm also not sure why this macro from 1996 has a parameter `f` 
that it just – ignores. I'm at a point at which I'm not sure who or what to 
blame ;)

I'll venture the guess that there's a combination of unexpected (un)signedness and side effects 
from things that should have been passed as arguments to a function instead of being 
"silently" "captured" by this macro.

Best regards,
Marcus
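
Added example, not part of the original message and not gnulib code: the size in the diagnostic is what `0 - 1` yields in `size_t` arithmetic, and the same padding step can be written as a function with explicit arguments so the subtraction cannot wrap. The names `unguarded_delta` and `put_padded` are hypothetical, and it is an assumption that `_w` and `_n` come from the macro's `width` and `n` arguments.

```c
/* Added illustration, not gnulib code: put_padded and unguarded_delta are
   hypothetical names.  The padding logic is a function with explicit
   arguments instead of a macro that captures p, pad and width. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* What "w - n" yields in size_t arithmetic when nothing guards it.
   With w = 0, n = 1 this wraps to SIZE_MAX, which on a 64-bit target is
   the 18446744073709551615 from the diagnostic. */
size_t unguarded_delta(size_t w, size_t n)
{
    return w - n;
}

/* Write src[0..n) into dst, left-padded with padc to at least `width`
   columns, and NUL-terminate.  Returns 1 and stores the length in *len,
   or returns 0 without writing if the result does not fit in `avail`. */
int put_padded(char *dst, size_t avail, int width,
               const char *src, size_t n, char padc, size_t *len)
{
    /* Check the sign before converting, so a negative width can never
       turn into a huge unsigned value. */
    size_t w = width < 0 ? 0 : (size_t)width;
    size_t total = n < w ? w : n;
    if (total >= avail)              /* keep one byte for the NUL */
        return 0;
    size_t delta = total - n;        /* total >= n, so this cannot wrap */
    memset(dst, padc, delta);
    memcpy(dst + delta, src, n);
    dst[total] = '\0';
    *len = total;
    return 1;
}

int main(void)
{
    char buf[8];
    size_t len = 0;
    printf("unguarded 0 - 1 = %zu\n", unguarded_delta(0, 1));
    if (put_padded(buf, sizeof buf, 4, "7", 1, '0', &len))
        printf("width 4: \"%s\" (%zu bytes)\n", buf, len);
    if (put_padded(buf, sizeof buf, 0, "+", 1, '0', &len))
        printf("width 0: \"%s\" (%zu bytes)\n", buf, len);
    return 0;
}
```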



