[libcxx-commits] [PATCH] D68952: Guard against possible overflow in span.subpan
Michael Schellenberger Costa via Phabricator via libcxx-commits
libcxx-commits at lists.llvm.org
Mon Oct 14 11:49:09 PDT 2019
miscco created this revision.
miscco added reviewers: CaseyCarter, mclow.lists.
Herald added subscribers: libcxx-commits, ldionne.
There is a possible overflow in span.subspan as described here https://github.com/microsoft/STL/issues/159
Interestingly the other three overloads are already correct.
While we are there use `element_type` rather than `_Tp`
Repository:
rCXX libc++
https://reviews.llvm.org/D68952
Files:
include/span
Index: include/span
===================================================================
--- include/span
+++ include/span
@@ -445,10 +445,10 @@
template <size_t _Offset, size_t _Count = dynamic_extent>
_LIBCPP_INLINE_VISIBILITY
- constexpr span<_Tp, dynamic_extent> subspan() const noexcept
+ constexpr span<element_type, dynamic_extent> subspan() const noexcept
{
_LIBCPP_ASSERT(_Offset <= size(), "Offset out of range in span::subspan()");
- _LIBCPP_ASSERT(_Count == dynamic_extent || _Offset + _Count <= size(), "Count out of range in span::subspan()");
+ _LIBCPP_ASSERT(_Count == dynamic_extent || _Offset <= size() - _Count, "Count out of range in span::subspan()");
return {data() + _Offset, _Count == dynamic_extent ? size() - _Offset : _Count};
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D68952.224886.patch
Type: text/x-patch
Size: 817 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/libcxx-commits/attachments/20191014/78f22da5/attachment-0001.bin>
More information about the libcxx-commits
mailing list