From 8eb1df5752f2acba13f78d33b93ec5d1e954b4ff Mon Sep 17 00:00:00 2001
From: Paul Floyd <pjfloyd@wanadoo.fr>
Date: Thu, 9 Nov 2023 22:19:43 +0100
Subject: [PATCH] Bug 401284 - False positive "Source and destination overlap
 in strncat"

Need to also look at strlcat and plain strcat.
---
 .gitignore                          |  1 +
 NEWS                                |  2 ++
 memcheck/tests/Makefile.am          | 10 ++++++----
 memcheck/tests/bug401284.c          | 14 ++++++++++++++
 memcheck/tests/bug401284.stderr.exp |  0
 memcheck/tests/bug401284.stdout.exp |  1 +
 memcheck/tests/bug401284.vgtest     |  3 +++
 shared/vg_replace_strmem.c          |  2 +-
 8 files changed, 28 insertions(+), 5 deletions(-)
 create mode 100644 memcheck/tests/bug401284.c
 create mode 100644 memcheck/tests/bug401284.stderr.exp
 create mode 100644 memcheck/tests/bug401284.stdout.exp
 create mode 100644 memcheck/tests/bug401284.vgtest

diff --git a/.gitignore b/.gitignore
index da322ecf1..5090d773b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -857,6 +857,7 @@
 /memcheck/tests/bug340392
 /memcheck/tests/bug464969_d_demangle
 /memcheck/tests/bug472219
+/memcheck/tests/bug401284
 /memcheck/tests/calloc-overflow
 /memcheck/tests/cdebug_zlib
 /memcheck/tests/cdebug_zlib_gnu
diff --git a/NEWS b/NEWS
index 5b62d0526..05fb4a8dd 100644
--- a/NEWS
+++ b/NEWS
@@ -23,6 +23,8 @@ bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
 than mailing the developers (or mailing lists) directly -- bugs that
 are not entered into bugzilla tend to get forgotten about or ignored.
 
+
+401284  False positive "Source and destination overlap in strncat"
 475498  Add reallocarray wrapper
 476320  Build failure with GCC
 476535  Difference in allocation size for massif/tests/overloaded-new between clang++/libc++ and g++/libstdc++
diff --git a/memcheck/tests/Makefile.am b/memcheck/tests/Makefile.am
index 47b538474..e49888be8 100644
--- a/memcheck/tests/Makefile.am
+++ b/memcheck/tests/Makefile.am
@@ -97,10 +97,6 @@ EXTRA_DIST = \
 	atomic_incs.stdout.exp-64bit-and-128bit \
 	badaddrvalue.stderr.exp \
 	badaddrvalue.stdout.exp badaddrvalue.vgtest \
-        exit_on_first_error.stderr.exp \
-        exit_on_first_error.vgtest \
-        exit_on_first_error_with_xml.stderr.exp \
-        exit_on_first_error_with_xml.vgtest \
 	badfree-2trace.stderr.exp badfree-2trace.vgtest \
 	badfree.stderr.exp badfree.vgtest \
 	badfree3.stderr.exp badfree3.vgtest \
@@ -118,6 +114,7 @@ EXTRA_DIST = \
 	bug155125.stderr.exp bug155125.vgtest \
 	bug287260.stderr.exp bug287260.vgtest \
 	bug340392.stderr.exp bug340392.vgtest \
+	bug401284.stderr.exp bug401284.stdout.exp bug401284.vgtest \
 	bug464969_d_demangle.stderr.exp bug464969_d_demangle.vgtest \
 		bug464969_d_demangle.stdout.exp \
 	bug472219.stderr.exp bug472219.vgtest \
@@ -195,6 +192,10 @@ EXTRA_DIST = \
 	erringfds.stderr.exp erringfds.stdout.exp erringfds.vgtest \
 	error_counts.stderr.exp error_counts.vgtest \
 	errs1.stderr.exp errs1.vgtest \
+        exit_on_first_error.stderr.exp \
+        exit_on_first_error.vgtest \
+        exit_on_first_error_with_xml.stderr.exp \
+        exit_on_first_error_with_xml.vgtest \
 	exitprog.stderr.exp exitprog.vgtest \
 	execve1.stderr.exp execve1.vgtest execve1.stderr.exp-kfail \
 	execve2.stderr.exp execve2.vgtest execve2.stderr.exp-kfail \
@@ -457,6 +458,7 @@ check_PROGRAMS = \
 	bug155125 \
 	bug287260 \
 	bug340392 \
+	bug401284 \
 	bug464969_d_demangle \
 	bug472219 \
 	calloc-overflow \
diff --git a/memcheck/tests/bug401284.c b/memcheck/tests/bug401284.c
new file mode 100644
index 000000000..704ed52f2
--- /dev/null
+++ b/memcheck/tests/bug401284.c
@@ -0,0 +1,14 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+int main(int argc, char* argv[])
+{
+    size_t len = strlen(argv[1]);
+    char*  buf = (char*) malloc(2 * len + 1);
+    memcpy(buf, argv[1], len + 1);
+    strncat(buf + len, buf, len);
+    printf("%s\n", buf);
+    free(buf);
+    return 0;
+}
diff --git a/memcheck/tests/bug401284.stderr.exp b/memcheck/tests/bug401284.stderr.exp
new file mode 100644
index 000000000..e69de29bb
diff --git a/memcheck/tests/bug401284.stdout.exp b/memcheck/tests/bug401284.stdout.exp
new file mode 100644
index 000000000..9c708c17a
--- /dev/null
+++ b/memcheck/tests/bug401284.stdout.exp
@@ -0,0 +1 @@
+hellohello
diff --git a/memcheck/tests/bug401284.vgtest b/memcheck/tests/bug401284.vgtest
new file mode 100644
index 000000000..d846d2100
--- /dev/null
+++ b/memcheck/tests/bug401284.vgtest
@@ -0,0 +1,3 @@
+prog: bug401284
+args: hello
+vgopts: -q
diff --git a/shared/vg_replace_strmem.c b/shared/vg_replace_strmem.c
index 79e640189..747b903fe 100644
--- a/shared/vg_replace_strmem.c
+++ b/shared/vg_replace_strmem.c
@@ -370,7 +370,7 @@ static inline void my_exit ( int x )
       if (is_overlap(dst_orig,  \
                      src_orig,  \
                      (Addr)dst-(Addr)dst_orig+1, \
-                     (Addr)src-(Addr)src_orig+1)) \
+                     (Addr)src-(Addr)src_orig)) \
          RECORD_OVERLAP_ERROR("strncat", dst_orig, src_orig, n); \
       \
       return dst_orig; \
-- 
2.11.4.GIT