Subject: [Boost-bugs] [Boost C++ Libraries] #4772: binary_buffer_iprimitive fails on vector access when reading in zero length item at end of buffer_
From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2010-10-22 19:37:12
#4772: binary_buffer_iprimitive fails on vector access when reading in zero length
item at end of buffer_
---------------------------------------------------------------+------------
Reporter: Jeff Jackowski <jeff.jackowski@…> | Owner: dgregor
Type: Bugs | Status: new
Milestone: To Be Determined | Component: mpi
Version: Boost 1.43.0 | Severity: Problem
Keywords: |
---------------------------------------------------------------+------------
When binary_buffer_iprimitive's position == buffer_.size() and
binary_buffer_iprimitive::load_impl is called with l = 0, the bracket
operator on buffer_ will attempt an out of bounds access. The assertion in
load_impl suggests the author was aware these conditions are normal since
the assertion evaluates to true. However, the parameters for the call to
std::memcpy cannot be evaluated because an assertion within buffer_ fails.
Changing load_impl to look like this fixes the problem:
void load_impl(void * p, int l)
{
assert(position+l<=static_cast<int>(buffer_.size()));
if (l)
{
std::memcpy(p,&buffer_[position],l);
position += l;
}
}
It looks like the bug should also exist in Boost's trunk, but I cannot get
the software I'm working on to build with Boost 1.44 and newer, but that
is another issue.
-- Ticket URL: <https://svn.boost.org/trac/boost/ticket/4772> Boost C++ Libraries <http://www.boost.org/> Boost provides free peer-reviewed portable C++ source libraries.
This archive was generated by hypermail 2.1.7 : 2017-02-16 18:50:04 UTC