std.cfg: Improved configuration of 'strncpy', which is vulnerable for overlapping write issues.

2021-07-09 09:48:24 +02:00 · 2021-07-09 09:48:24 +02:00 · 58811808d5
parent 1c60dc090a
commit 58811808d5
2 changed files with 7 additions and 0 deletions
--- a/cfg/std.cfg
+++ b/cfg/std.cfg
@ -4853,6 +4853,7 @@ The obsolete function 'gets' is called. With 'gets' you'll get a buffer overrun
    <returnValue type="char *"/>
    <noreturn>false</noreturn>
    <leak-ignore/>
+    <not-overlapping-data ptr1-arg="1" ptr2-arg="2" size-arg="3"/>
    <arg nr="1" direction="out">
      <not-null/>
      <minsize type="argvalue" arg="3"/>
--- a/test/cfg/std.cpp
+++ b/test/cfg/std.cpp
@ -30,6 +30,12 @@
 #include <functional>
 #include <bitset>

+char * overlappingWriteFunction_strncpy(char *buf)
+{
+    // cppcheck-suppress overlappingWriteFunction
+    return strncpy(&buf[0], &buf[3], 2U);
+}
+
 std::bitset<10> std_bitset_test_ignoredReturnValue()
 {
    std::bitset<10> b1("1111010000");