Subject: [Boost-bugs] [Boost C++ Libraries] #11632: UB in boost.format basic_oaltstringstream
From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2015-09-09 13:25:33
#11632: UB in boost.format basic_oaltstringstream
----------------------+-------------------------------------
Reporter: rogero@… | Type: Bugs
Status: new | Milestone: To Be Determined
Component: None | Version: Boost Development Trunk
Severity: Problem | Keywords:
----------------------+-------------------------------------
The constructors for basic_oaltstringstream in
boost/format/alt_sstream.hpp pass the result of a member call to the
constructor of a base class.
For example the default constructor is
`basic_oaltstringstream()`
` : pbase_type(new stringbuf_t), stream_t(rdbuf())`
` {}`
Where `stream_t` is a `typedef` for the second base class.
I discovered this when using ubsan and I initially raised GCC
[https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67515 pr67515] using a much
simplified test-case; but as Jon Wakely pointed out: "12.6.2
[class.base.init] p16 says this is undefined (and has a very similar
example)."
One solution to avoid UB in this case is to manually inline the call to
`rdbuf()` and so initialise the member of the second base class directly
rather than via the `rdbuf()` function; so for example change
`pbase_type(new stringbuf_t), stream_t(rdbuf())`
to
`pbase_type(new stringbuf_t), stream_t(pbase_type::member.get())`
in the default ctor (and similarly for the other constructors.)
-- Ticket URL: <https://svn.boost.org/trac/boost/ticket/11632> Boost C++ Libraries <http://www.boost.org/> Boost provides free peer-reviewed portable C++ source libraries.
This archive was generated by hypermail 2.1.7 : 2017-02-16 18:50:19 UTC