From 34b3fe6af033759fb380f1cb757f5a868a408af7 Mon Sep 17 00:00:00 2001
From: Ettl Martin <ettl.martin78@googlemail.com>
Date: Wed, 13 Mar 2013 10:55:20 +0100
Subject: [PATCH] #1659 added TODO-testcases.

---
 test/testbufferoverrun.cpp | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index fc4ca47cb..90a2fcc21 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -202,6 +202,7 @@ private:
 
         TEST_CASE(memfunc1);  // memchr/memset/memcpy
         TEST_CASE(memfunc2);
+        TEST_CASE(memfunc3);  // ticket #1659
 
         TEST_CASE(varid1);
         TEST_CASE(varid2);
@@ -3158,6 +3159,30 @@ private:
         ASSERT_EQUALS("", errout.str());
     }
 
+    // ticket #1659 - overflowing variable when using memcpy
+    void memfunc3() {
+        check("void f() { \n"
+              "char str1[]=\"Sample string\";\n"
+              "char str2;\n"
+              "memcpy (&str2,str1,strlen(str1)+1);\n"
+              "}");
+        TODO_ASSERT_EQUALS("[test.cpp:4]: (error) Buffer is accessed out of bounds: str1\n","", errout.str());
+
+        check("void f() {\n"
+              "    char a[10];\n"
+              "    char str1[] = \"abcdef\";\n"
+              "    memset(a, 0, strlen(str1)+5);\n"
+              "}");
+        TODO_ASSERT_EQUALS("[test.cpp:4]: (error) Buffer is accessed out of bounds: str1\n","", errout.str());
+
+        check("void f() { \n"
+              "char str1[]=\"Sample string\";\n"
+              "char str2;\n"
+              "memcpy (&str2,str1,15);\n" // <-- strlen(str1) + 1 = 15
+              "}");
+        ASSERT_EQUALS("[test.cpp:4]: (error) Buffer is accessed out of bounds: str1\n", errout.str());
+    }
+
     void varid1() {
         check("void foo()\n"
               "{\n"