Fix strncat/wcsncat

Previously, no checks were done when __n <= __b, but strncat _appends_ after existing content, making this a overly broad check check. For example, with an 8-byte buffer containing "12345\0", strncat(buf, "ABCD", 4) would have the check skipped, but the result "12345ABCD\0" is 10 bytes, resulting in an overflow. This commit fixes this oversight, and adds a bunch of tests.
author: jvoisin 2026-05-01 00:36:32 +0200
committer: jvoisin 2026-05-01 00:44:53 +0200
commit: ddd22b2f533db9c0da0bb262fbafa51f67c8587e (patch)
tree: d319dab03de20929f95ccf7f9bec8c428ab6a66b /tests/test_strncat_n_gt_buf.c
parent: d6105aba5fd791e8d3f069e771517cdb947b5604 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/tests/test_strncat_n_gt_buf.c b/tests/test_strncat_n_gt_buf.c
new file mode 100644
index 0000000..cca226b
--- /dev/null
+++ b/tests/test_strncat_n_gt_buf.c
@@ -0,0 +1,17 @@
+#include "common.h"
+#include <string.h>
+int main(int argc, char** argv) {
+  char buffer[8] = {0};
+  strncat(buffer, "12345", 5);
+  puts(buffer);
+  /* n > buffer size and overflow: n=10, buffer has 5 chars. */
+  CHK_FAIL_START
+  strncat(buffer, "1234567890", 10);
+  CHK_FAIL_END
+  puts(buffer);
+  return ret;
+}
author	jvoisin	2026-05-01 00:36:32 +0200
committer	jvoisin	2026-05-01 00:44:53 +0200
commit	ddd22b2f533db9c0da0bb262fbafa51f67c8587e (patch)
tree	d319dab03de20929f95ccf7f9bec8c428ab6a66b /tests/test_strncat_n_gt_buf.c
parent	d6105aba5fd791e8d3f069e771517cdb947b5604 (diff)

diff --git a/tests/test_strncat_n_gt_buf.c b/tests/test_strncat_n_gt_buf.c new file mode 100644 index 0000000..cca226b --- /dev/null +++ b/tests/test_strncat_n_gt_buf.c
@@ -0,0 +1,17 @@
	1	#include "common.h"
	2
	3	#include <string.h>
	4
	5	int main(int argc, char** argv) {
	6	char buffer[8] = {0};
	7	strncat(buffer, "12345", 5);
	8	puts(buffer);
	9
	10	/* n > buffer size and overflow: n=10, buffer has 5 chars. */
	11	CHK_FAIL_START
	12	strncat(buffer, "1234567890", 10);
	13	CHK_FAIL_END
	14
	15	puts(buffer);
	16	return ret;
	17	}