[llvm-bugs] [Bug 28777] New: Warn for std::string constructor with wrong size

via llvm-bugs llvm-bugs at lists.llvm.org
Fri Jul 29 18:33:06 PDT 2016


https://llvm.org/bugs/show_bug.cgi?id=28777

            Bug ID: 28777
           Summary: Warn for std::string constructor with wrong size
           Product: libc++
           Version: 3.8
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: All Bugs
          Assignee: unassignedclangbugs at nondot.org
          Reporter: david at doublewise.net
                CC: llvm-bugs at lists.llvm.org, mclow.lists at gmail.com
    Classification: Unclassified

This is the same bug in gcc reported here:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=54924&list_id=139817


The constructor for std::string that takes a pointer to an array of char and a
size assumes that the array of char you pass in is at least as large as the
size you specify. In other words, std::string str("0", 100) is undefined
behavior. The real issue can be much more subtle if escape characters are
involved:

// Construct a string alternating a literal '0' with a null character '\0'
std::string str("0\00\00\00\00\0", 10);

It would be nice if there were some way to warn that the size argument passed
in does not match the array (pointer) argument.

I don't know exactly which component this bug should be filed against. It seems
that clang needs to provide some sort of ability to annotate that an integer
parameter is the size of a pointer (array) parameter, and then libc++ needs to
use this annotation on std::string so that clang can provide the warning. I do
not know if this infrastructure exists.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20160730/9709ddd7/attachment-0001.html>


More information about the llvm-bugs mailing list