From a7f0c92c0d6478a9e9a4424f3d63600fb8d6b5c1 Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner <douzzer@wolfssl.com>
Date: Wed, 3 Aug 2022 12:30:29 -0500
Subject: [PATCH] src/internal.c: in GetCipherKeaStr(), when gcc-12 or higher
 and `__SANITIZE_ADDRESS__`, wrap in a pragma to ignore -Wstringop-overread,
 due to false positives.

---
 src/internal.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 664fdf074..50f474d9a 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -22927,6 +22927,15 @@ const char* GetCipherSegment(const WOLFSSL_CIPHER* cipher, char n[][MAX_SEGMENT_
     return name;
 }
 
+/* gcc-12 and later, building with ASAN at -O2 and higher, generate spurious
+ * stringop-overread warnings on some (but not all...) reads of n[1] in
+ * GetCipherKeaStr().
+ */
+#if defined(__GNUC__) && __GNUC__ > 11 && defined(__SANITIZE_ADDRESS__)
+PRAGMA_GCC_DIAG_PUSH
+PRAGMA_GCC("GCC diagnostic ignored \"-Wstringop-overread\"")
+#endif
+
 const char* GetCipherKeaStr(char n[][MAX_SEGMENT_SZ]) {
     const char* keaStr = NULL;
 
@@ -22957,6 +22966,9 @@ const char* GetCipherKeaStr(char n[][MAX_SEGMENT_SZ]) {
     return keaStr;
 }
 
+#if defined(__GNUC__) && __GNUC__ > 11 && defined(__SANITIZE_ADDRESS__)
+PRAGMA_GCC_DIAG_POP
+#endif
 
 const char* GetCipherAuthStr(char n[][MAX_SEGMENT_SZ]) {