From 9bdf4502ed5161ac32fd057d8ee60eca314fddf2 Mon Sep 17 00:00:00 2001
From: Reijo Tomperi <aggro80@users.sourceforge.net>
Date: Sat, 21 Nov 2009 15:45:52 +0200
Subject: [PATCH] Fix #995 (false positive: buffer access out of bounds when
 using fgets) http://sourceforge.net/apps/trac/cppcheck/ticket/995

---
 lib/checkbufferoverrun.cpp | 2 +-
 test/testbufferoverrun.cpp | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp
index e0cd61634..f475722f5 100644
--- a/lib/checkbufferoverrun.cpp
+++ b/lib/checkbufferoverrun.cpp
@@ -482,7 +482,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con
             MathLib::isInt(tok->strAt(4)))
         {
             size_t len = MathLib::toLongNumber(tok->strAt(4));
-            if (len >= static_cast<size_t>(size))
+            if (len > static_cast<size_t>(size))
             {
                 bufferOverrun(tok);
                 continue;
diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index 588b9988e..27e8bc5ba 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -779,14 +779,14 @@ private:
         check("void f()\n"
               "{\n"
               "    char str[3];\n"
-              "    fgets(str, 2, stdin);\n"
+              "    fgets(str, 3, stdin);\n"
               "}\n");
         ASSERT_EQUALS("", errout.str());
 
         check("void f()\n"
               "{\n"
               "    char str[3];\n"
-              "    fgets(str, 3, stdin);\n"
+              "    fgets(str, 4, stdin);\n"
               "}\n");
         ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
     }