<html>
<head>
<base href="https://llvm.org/bugs/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW --- - Warn for std::string constructor with wrong size"
href="https://llvm.org/bugs/show_bug.cgi?id=28777">28777</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>Warn for std::string constructor with wrong size
</td>
</tr>
<tr>
<th>Product</th>
<td>libc++
</td>
</tr>
<tr>
<th>Version</th>
<td>3.8
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>All Bugs
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedclangbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>david@doublewise.net
</td>
</tr>
<tr>
<th>CC</th>
<td>llvm-bugs@lists.llvm.org, mclow.lists@gmail.com
</td>
</tr>
<tr>
<th>Classification</th>
<td>Unclassified
</td>
</tr></table>
<p>
<div>
<pre>This is the same bug in gcc reported here:
<a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=54924&list_id=139817">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=54924&list_id=139817</a>
The constructor for std::string that takes a pointer to an array of char and a
size assumes that the array of char you pass in is at least as large as the
size you specify. In other words, std::string str("0", 100) is undefined
behavior. The real issue can be much more subtle if escape characters are
involved:
// Construct a string alternating a literal '0' with a null character '\0'
std::string str("0\00\00\00\00\0", 10);
It would be nice if there were some way to warn that the size argument passed
in does not match the array (pointer) argument.
I don't know exactly which component this bug should be filed against. It seems
that clang needs to provide some sort of ability to annotate that an integer
parameter is the size of a pointer (array) parameter, and then libc++ needs to
use this annotation on std::string so that clang can provide the warning. I do
not know if this infrastructure exists.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are on the CC list for the bug.</li>
</ul>
</body>
</html>