diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp
index dc4ff9d63..5af05ac39 100644
--- a/lib/checkbufferoverrun.cpp
+++ b/lib/checkbufferoverrun.cpp
@@ -117,7 +117,10 @@ void CheckBufferOverrun::strncatUsage(const Token *tok)
 if (_settings && !_settings->_checkCodingStyle)
 return;
 
- reportError(tok, Severity::warning, "strncatUsage", "Dangerous usage of strncat. Tip: the 3rd parameter means maximum number of characters to append");
+ reportError(tok, Severity::warning, "strncatUsage",
+ "Dangerous usage of strncat - 3rd parameter is the maximum number of characters to append.\n"
+ "strncat appends at max its 3rd parameter's amount of characters. The safe way to use "
+ "strncat is to calculate remaining space in the buffer and use it as 3rd parameter.");
 }
 
 void CheckBufferOverrun::outOfBounds(const Token *tok, const std::string &what)
diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index 5fd547f4c..34794dbb6 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -2112,7 +2112,7 @@ private:
 " strncpy(str, a, 10);\n"
 " strncat(str, b, 10);\n"
 "}\n");
- ASSERT_EQUALS("[test.cpp:5]: (warning) Dangerous usage of strncat. Tip: the 3rd parameter means maximum number of characters to append\n", errout.str());
+ ASSERT_EQUALS("[test.cpp:5]: (warning) Dangerous usage of strncat - 3rd parameter is the maximum number of characters to append.\n", errout.str());
 }
 
 void strncat2()
@@ -2122,7 +2122,7 @@ private:
 " char str[5];\n"
 " strncat(str, a, 5);\n"
 "}\n");
- ASSERT_EQUALS("[test.cpp:4]: (warning) Dangerous usage of strncat. Tip: the 3rd parameter means maximum number of characters to append\n", errout.str());
+ ASSERT_EQUALS("[test.cpp:4]: (warning) Dangerous usage of strncat - 3rd parameter is the maximum number of characters to append.\n", errout.str());
 }
 
 void strncat3()
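Review bot: The verbose text added to the `reportError` call in `strncatUsage` advises passing the remaining buffer space as the 3rd parameter, which is off by one. strncat appends up to n characters and then writes a terminating null byte, so a caller who follows the advice literally can still write one byte past the end of the buffer. I would reword the last string to `"strncat is to calculate the remaining space in the buffer, minus one for the terminating null, and use that as 3rd parameter."`, and consider naming the usual form `sizeof(buf) - strlen(buf) - 1`. The opening of `strncatUsage` lies above the hunk, so this is based on the visible call only.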
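Review bot: The updated expectations in `strncat1` and `strncat2` (both hunks of this file) assert only the summary line, so nothing pins the new verbose guidance text. If the test harness can emit the verbose message (not visible from these hunks), one assertion on it would keep the buffer-size advice from regressing unnoticed. Both test functions begin above their hunks.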