std.cfg: Fixed bufferAccessOutOfBounds false negative for strncmp().

nikita215 · Apr 13, 2021 · f62d9d5 · f62d9d5
1 parent 03bdcc4
commit f62d9d5
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 0 deletions.
diff --git a/cfg/std.cfg b/cfg/std.cfg
@@ -5000,10 +5000,14 @@ The obsolete function 'gets' is called. With 'gets' you'll get a buffer overrun
     <arg nr="1" direction="in">
       <not-null/>
       <not-uninit/>
+      <strz/>
+      <minsize type="argvalue" arg="3"/>
     </arg>
     <arg nr="2" direction="in">
       <not-null/>
       <not-uninit/>
+      <strz/>
+      <minsize type="argvalue" arg="3"/>
     </arg>
     <arg nr="3" direction="in">
       <not-uninit/>

diff --git a/test/cfg/std.c b/test/cfg/std.c
@@ -3561,6 +3561,17 @@ void bufferAccessOutOfBounds_strxfrm(void)
     (void)strxfrm(dest,src,3);
 }
 
+void bufferAccessOutOfBounds_strncmp(void)
+{
+    const char src[3] = "abc";
+    char dest[1] = "a";
+    (void)strncmp(dest,src,1);
+    // cppcheck-suppress bufferAccessOutOfBounds
+    (void)strncmp(dest,src,2);
+    // cppcheck-suppress bufferAccessOutOfBounds
+    (void)strncmp(dest,src,3);
+}
+
 void uninitvar_wcsxfrm(void)
 {
     wchar_t *ds;