Subject: [Boost-bugs] [Boost C++ Libraries] #2685: [serialization][variant]Deserializing 'which' should check for values less than 0
From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2009-01-27 00:38:47
#2685: [serialization][variant]Deserializing 'which' should check for values less
than 0
--------------------------------------------------------+-------------------
Reporter: Nevin ":-)" Liber <nevin_at_[hidden]> | Owner: ramey
Type: Bugs | Status: new
Milestone: Boost 1.38.0 | Component: serialization
Version: Boost 1.37.0 | Severity: Problem
Keywords: |
--------------------------------------------------------+-------------------
In <boost/serialization/variant.hpp>:
{{{
template<class Archive, BOOST_VARIANT_ENUM_PARAMS(/* typename */ class T)>
void load(
Archive & ar,
boost::variant<BOOST_VARIANT_ENUM_PARAMS(T)>& v,
unsigned int version
){
int which;
typedef BOOST_DEDUCED_TYPENAME
boost::variant<BOOST_VARIANT_ENUM_PARAMS(T)>::types types;
ar >> BOOST_SERIALIZATION_NVP(which);
if(which >= mpl::size<types>::value)
// this might happen if a type was removed from the list of
variant types
boost::serialization::throw_exception(
boost::archive::archive_exception(
boost::archive::archive_exception::unsupported_version
)
);
//...
}}}
Since 'which' is an int, there should be a check and an exception thrown
if which < 0.
-- Ticket URL: <https://svn.boost.org/trac/boost/ticket/2685> Boost C++ Libraries <http://www.boost.org/> Boost provides free peer-reviewed portable C++ source libraries.
This archive was generated by hypermail 2.1.7 : 2017-02-16 18:49:59 UTC