From ec6edaee6e5dfe1dd321762bf04f705e975e8181 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= <danielm77@spray.se>
Date: Sun, 21 Nov 2010 12:24:57 +0100
Subject: [PATCH] Buffer overflow: Added unit test that makes sure that array
 index out of bounds is detected inside loop. Ticket: #2199

---
 test/testbufferoverrun.cpp | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index 271eb14ae..b9055c30f 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -1196,6 +1196,16 @@ private:
               "    }\n"
               "}\n");
         ASSERT_EQUALS("[test.cpp:5]: (error) Array 'data[8]' index 17 out of bounds\n", errout.str());
+
+        // #2199 - false negative: array out of bounds in loop when there is calculation
+        check("void f()\n"
+              "{\n"
+              "    char arr[5];\n"
+              "    for (int i = 0; i < 5; ++i) {\n"
+              "        arr[i + 7] = 0;\n"
+              "    }\n"
+              "}\n");
+        ASSERT_EQUALS("[test.cpp:5]: (error) Array 'arr[5]' index 11 out of bounds\n", errout.str());
     }
 
     void array_index_negative()