Boost :

From: Alexander Nasonov (alnsn_at_[hidden])
Date: 2006-04-11 14:38:00

• Next message: Thorsten Ottosen: "Re: [boost] [range] Patch for BCB2006"
• Previous message: Reece Dunn: "Re: [boost] Report from Berlin C++ Standards Committee meeting"
• In reply to: Peter Dimov: "Re: [boost] Report from Berlin C++ Standards Committee meeting"
• Next in thread: Peter Dimov: "Re: [boost] Report from Berlin C++ Standards Committee meeting"
• Reply: Peter Dimov: "Re: [boost] Report from Berlin C++ Standards Committee meeting"

Peter Dimov wrote:
> std::ifstream is( "http://www.example.com/file.zip" );
> std::ofstream os( "file.zip" );
> os << is.rdbuf();
>
> No proposal required, in principle.

Are you aware of (a) ambiguity and (b) potential security hole?

(a)
> mkdir http:
> mkdir http:/www.example.com
> touch http:/www.example.com/file.zip
> file http://www.example.com/file.zip
http://www.example.com/file.zip: empty

(b)
If you replace the first line with something more generic, for example
with:
     std::ifstream is( argv[1] );

it becomes unclear that the code might send requests to the net.

This can be resolved by additional checks appied to argv[1] or, better
yet, with a second agrument to ifstream's ctor that specfify a
domain/protofol (local, net, http, ftp and so on).

-- 
Alexander Nasonov
Project Manager
http://www.akmosoft.com

• Next message: Thorsten Ottosen: "Re: [boost] [range] Patch for BCB2006"
• Previous message: Reece Dunn: "Re: [boost] Report from Berlin C++ Standards Committee meeting"
• In reply to: Peter Dimov: "Re: [boost] Report from Berlin C++ Standards Committee meeting"
• Next in thread: Peter Dimov: "Re: [boost] Report from Berlin C++ Standards Committee meeting"
• Reply: Peter Dimov: "Re: [boost] Report from Berlin C++ Standards Committee meeting"

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk