[cfe-dev] [PATCH] [libc++] Ensure std::getline always 0-terminates string.

Thu Sep 7 23:38:43 PDT 2017

Patches should go to cfe-commits, not cfe-dev. You can also use Phabricator.

On 9/7/17, 11:17 PM, "cfe-dev on behalf of Reimar Döffinger via cfe-dev" <cfe-dev-bounces at lists.llvm.org on behalf of cfe-dev at lists.llvm.org> wrote:

    If the sentinel failed (e.g. due to having reached
    EOF before) or an exception was caught it failed to
    do that.
    While it seems (unfortunately!) not required by the
    specification, libstdc++ does 0-terminate and not
    doing so risks creating security issues in applications.
    ---
     include/istream | 6 ++++--
     1 file changed, 4 insertions(+), 2 deletions(-)

    diff --git a/include/istream b/include/istream
    index 0b8e05d95..5c73df38f 100644
    --- a/include/istream
    +++ b/include/istream
    @@ -1069,16 +1069,18 @@ basic_istream<_CharT, _Traits>::getline(char_type* __s, streamsize __n, char_typ
                     this->rdbuf()->sbumpc();
                     ++__gc_;
                 }
    -            if (__n > 0)
    -                *__s = char_type();
                 if (__gc_ == 0)
                    __err |= ios_base::failbit;
                 this->setstate(__err);
             }
    +        if (__n > 0)
    +            *__s = char_type();
     #ifndef _LIBCPP_NO_EXCEPTIONS
         }
         catch (...)
         {
    +        if (__n > 0)
    +            *__s = char_type();
             this->__set_badbit_and_consider_rethrow();
         }
     #endif  // _LIBCPP_NO_EXCEPTIONS
    -- 
    2.14.1

    _______________________________________________
    cfe-dev mailing list
    cfe-dev at lists.llvm.org
    https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.llvm.org_cgi-2Dbin_mailman_listinfo_cfe-2Ddev&d=DwIGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=o3kDXzdBUE3ljQXKeTWOMw&m=95AJ9O-xGF4otV8l7rSJB5hfLhWipgF4HSBqW_3JVTE&s=rySnF8MixjXB7ean9Q0m80CHp4mVxvRnvCj3g6O_hSU&e= 