[libcxx-commits] [libcxx] [libc++][hardening] Reclassify string_view(ptr, len)'s size assertion (PR #79297)
Konstantin Varlamov via libcxx-commits
libcxx-commits at lists.llvm.org
Sat Mar 9 22:59:29 PST 2024
================
@@ -307,9 +307,10 @@ public:
: __data_(__s),
__size_(__len) {
#if _LIBCPP_STD_VER >= 14
- // This will result in creating an invalid `string_view` object -- some calculations involving `size` would
- // overflow, making it effectively truncated.
- _LIBCPP_ASSERT_ARGUMENT_WITHIN_DOMAIN(
+ // Allocations must fit in `ptrdiff_t` for pointer arithmetic to work. If `__len` exceeds it, the input
+ // range could not have been valid. Most likely the caller underflowed some arithmetic and inadvertently
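Review bot: In the added comment, "If `__len` exceeds it" has "it" pointing at the type `ptrdiff_t` rather than at a value; writing "exceeds the maximum value of `ptrdiff_t`" would make the asserted bound unambiguous. The removed comment also said what goes wrong with an oversized `__len` (calculations involving `size` would overflow). Consider keeping one clause of that beside the new rationale, since the visible added lines explain why the input must be invalid but no longer say what the resulting view would do.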
----------------
var-const wrote:
I think the maximum size of an object is implementation-defined but on Clang it's considerably smaller than the maximum value of `ptrdiff_t` (further strengthening the argument that the input range couldn't have been valid).
https://github.com/llvm/llvm-project/pull/79297
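The case the comment in the patch describes, as an added example (not libc++ code and not code from the PR): an unsigned subtraction that wraps produces a length above `PTRDIFF_MAX`, and a caller-side slice helper rejects the bad offsets before any `string_view(ptr, len)` is constructed. The names `len_fits_ptrdiff`, `unchecked_len` and `field_view` are hypothetical, and the sample record is constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <optional>
#include <string_view>

// Hypothetical helper: the bound named in the patch comment, checked by the caller.
// No valid range can be longer than the maximum value of ptrdiff_t.
constexpr bool len_fits_ptrdiff(std::size_t len) {
  return len <= static_cast<std::size_t>(PTRDIFF_MAX);
}

// Hypothetical buggy length computation: size_t subtraction wraps when end < start,
// giving a huge value instead of a negative one.
constexpr std::size_t unchecked_len(std::size_t start, std::size_t end) {
  return end - start;
}

// Hypothetical safe slice: validates the offsets first, so a wrapped length
// never reaches the string_view(ptr, len) constructor.
std::optional<std::string_view> field_view(std::string_view buf,
                                           std::size_t start,
                                           std::size_t end) {
  if (start > end || end > buf.size())
    return std::nullopt;
  return std::string_view(buf.data() + start, end - start);
}

int main() {
  // Constructed sample input.
  constexpr std::string_view record = "user=alice;role=admin";

  auto ok = field_view(record, 5, 10);   // "alice"
  auto bad = field_view(record, 10, 5);  // swapped offsets: rejected

  // The wrapped length is what the library assertion would see if the caller
  // passed it through unchecked.
  bool wrapped_detected = !len_fits_ptrdiff(unchecked_len(10, 5));

  return (ok && *ok == "alice" && !bad && wrapped_detected) ? 0 : 1;
}
```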