We’ve received a couple of error reports from our
customers (and via Windows Error Reporting) where it appears that there is a
buffer overflow in the boost::detail::create_once_mutex function. The exception
0xc0000409=STATUS_STACK_BUFFER_OVERRUN appears to be thrown at the __security_check_cookie
check in the function epilogue.
An example of the error on an XP machine says “Application
Error. The exception unknown software exception (0xc0000409) occurred in the
application at location 0x004770b3”. The application was compiled with Boost
1.36.
I should say that it is very rare; I haven’t been able
to reproduce it, and can’t see any problems with the create_once_mutex
function myself (apart from the fact that the int_to_string function doesn’t
check buffer lengths). It just seems odd that the address of the exception (different
builds produce different addresses) always points to the same place.
Regards,
Dave.
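The failure mode Dave describes (a fixed-size stack buffer filled by an integer-to-string routine that never looks at the buffer length, caught only when the /GS cookie check in the epilogue fires) is easy to rule out at the API level. The C below is an added example, not Boost's create_once_mutex or int_to_string code and not code from the original post; the names int_to_string_checked, decimal_width and unchecked_would_overrun are hypothetical. It shows a bounded conversion that reports failure instead of writing past the caller's buffer, alongside a helper that answers whether an unchecked conversion of the same value would have overrun a buffer of a given size.

```c
/* Added example: bounded integer-to-string conversion (hypothetical names,
 * not Boost's int_to_string). A stack cookie check catches the overrun only
 * after the fact; a length-aware routine refuses the write in the first place. */
#include <stddef.h>
#include <string.h>

/* Number of characters needed to print `value` in decimal, excluding the NUL
 * terminator. Negation is done in unsigned arithmetic so LONG_MIN is safe. */
static size_t decimal_width(long value)
{
    unsigned long mag = value < 0 ? 0UL - (unsigned long)value : (unsigned long)value;
    size_t width = value < 0 ? 1 : 0;   /* room for the '-' sign */
    do { ++width; mag /= 10; } while (mag != 0);
    return width;
}

/* Write `value` in decimal into buf[0..buflen). Returns the number of
 * characters written (excluding NUL), or -1 if the buffer is too small;
 * on failure buf is set to "" rather than partially overwritten. */
int int_to_string_checked(long value, char *buf, size_t buflen)
{
    if (buf == NULL || buflen == 0) return -1;
    size_t need = decimal_width(value);
    if (need + 1 > buflen) {            /* digits + sign + NUL must fit */
        buf[0] = '\0';
        return -1;
    }
    unsigned long mag = value < 0 ? 0UL - (unsigned long)value : (unsigned long)value;
    size_t pos = need;
    buf[pos] = '\0';
    do { buf[--pos] = (char)('0' + mag % 10); mag /= 10; } while (mag != 0);
    if (value < 0) buf[--pos] = '-';
    return (int)need;
}

/* Would a conversion that ignores the buffer size (writing decimal_width+1
 * bytes unconditionally) overrun a buffer of `buflen` bytes? When that buffer
 * lives on the stack, this is exactly the write a /GS cookie check reports
 * as STATUS_STACK_BUFFER_OVERRUN in the function epilogue. */
int unchecked_would_overrun(long value, size_t buflen)
{
    return decimal_width(value) + 1 > buflen;
}
```

The design point is that the caller's buffer size is part of the contract: once the routine takes buflen, the "very rare" inputs that need one more digit than the buffer holds become an explicit error path instead of a corrupted frame, and the check can be unit-tested rather than waiting for a crash report.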