public inbox for gcc-bugs@sourceware.org
* [Bug libstdc++/48355] New: Assigning NULL to string segfaults
From: amr.ali.cc at gmail dot com @ 2011-03-30  8:29 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48355

           Summary: Assigning NULL to string segfaults
           Product: gcc
           Version: 4.5.1
            Status: UNCONFIRMED
          Severity: critical
          Priority: P3
         Component: libstdc++
        AssignedTo: unassigned@gcc.gnu.org
        ReportedBy: amr.ali.cc@gmail.com
              Host: Linux 2.6.35-28-generic #49-Ubuntu SMP x86_64


Created attachment 23813
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=23813
Bug reproducible code

When trying to call the ctor of string() or basic_string<char,
char_traits<char>, allocator<char> >() with a NULL pointer parameter (instead
of the char pointer), it would abort() with a logic_error saying that NULLs
aren't allowed.

Which is the result of the following code:

basic_string.tcc
    // NB: Not required, but considered best practice.
    if (__gnu_cxx::__is_null_pointer(__beg) && __beg != __end)
      __throw_logic_error(__N("basic_string::_S_construct null not valid"));

However, when trying to assign NULL to a string, it doesn't do the
__is_null_pointer() check and tries to call __builtin_strlen on the pointer,
which, of course, results in the infamous SIGSEGV.

I'd say either make the behavior for the assign() equal to the ctor or
preferably instead just have an empty string when assigned a NULL pointer.

I'd happily write a patch for this myself, I just need a few pointers on where
this should be fixed. I've looked around in basic_string.{h,tcc} and
char_traits.h but I'm still a little confused.

NOTE:
Attached a code snippet to reproduce the behavior mentioned above.

Checked Against:
OSX v10.6.7 - GCC v4.2.1
Linux v2.6.35-28-generic - GCC v4.4.5/v4.5.1



* [Bug libstdc++/48355] Assigning NULL to string segfaults
From: redi at gcc dot gnu.org @ 2011-03-30  8:51 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48355

Jonathan Wakely <redi at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|critical                    |normal

--- Comment #1 from Jonathan Wakely <redi at gcc dot gnu.org> 2011-03-30 08:44:14 UTC ---
severity is not "critical" because your example has undefined behaviour

this has been discussed many times and is not going to change



* [Bug libstdc++/48355] Assigning NULL to string segfaults
From: redi at gcc dot gnu.org @ 2011-03-30  9:17 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48355

--- Comment #2 from Jonathan Wakely <redi at gcc dot gnu.org> 2011-03-30 09:07:01 UTC ---
duplicate of PR 5258 and PR 994

I'll look into checking when _GLIBCXX_DEBUG is defined but the default
(non-debug mode) behaviour is NOT going to change, your code has a bug, your
code should change not the standard library


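Added example, not part of the thread and not libstdc++ code: a caller-side guard that applies either behaviour the reporter asked for (throw logic_error as the ctor does, or fall back to an empty string) before the pointer ever reaches std::string. The names assign_c_str, NullPolicy and lookup are hypothetical, and lookup is a constructed stand-in for a C API that may return NULL.

```cpp
#include <cstdio>
#include <stdexcept>
#include <string>

// Hypothetical caller-side policy for a const char* that may be null.
enum class NullPolicy { Throw, Empty };

// Assign src to dst without ever handing a null pointer to std::string.
// Returns true when src was non-null.
inline bool assign_c_str(std::string& dst, const char* src,
                         NullPolicy policy = NullPolicy::Empty) {
    if (src == nullptr) {
        if (policy == NullPolicy::Throw)
            throw std::logic_error("assign_c_str: null not valid");
        dst.clear();   // the "empty string" behaviour
        return false;
    }
    dst.assign(src);   // src points at a NUL-terminated string here
    return true;
}

// Constructed stand-in for a getenv-style C API that may return null.
inline const char* lookup(const char* key) {
    return (key && std::string(key) == "HOME") ? "/home/user" : nullptr;
}

// True if the Throw policy raised logic_error and left dst untouched.
inline bool throws_on_null() {
    std::string s = "unchanged";
    try {
        assign_c_str(s, nullptr, NullPolicy::Throw);
    } catch (const std::logic_error&) {
        return s == "unchanged";
    }
    return false;
}

int main() {
    std::string s = "old";
    bool found = assign_c_str(s, lookup("MISSING"));
    std::printf("found=%d value='%s' throws=%d\n",
                found, s.c_str(), throws_on_null());
    return 0;
}
```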

* [Bug libstdc++/48355] Assigning NULL to string segfaults
From: amr.ali.cc at gmail dot com @ 2011-03-30  9:19 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48355

--- Comment #3 from Amr Ali <amr.ali.cc at gmail dot com> 2011-03-30 09:13:57 UTC ---
(In reply to comment #2)
> duplicate of PR 5258 and PR 994
> 
> I'll look into checking when _GLIBCXX_DEBUG is defined but the default
> (non-debug mode) behaviour is NOT going to change, your code has a bug, your
> code should change not the standard library

Yes, I'm not saying that what I'm doing is "right", I'm rather pointing out that
the code actually segfaults, which shouldn't happen even with a faulty value
like a NULL pointer.

I'm only suggesting that a check for a null pointer be present as in the
string() ctor case.



* [Bug libstdc++/48355] Assigning NULL to string segfaults
From: rguenth at gcc dot gnu.org @ 2011-03-30  9:28 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48355

Richard Guenther <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|                            |DUPLICATE

--- Comment #4 from Richard Guenther <rguenth at gcc dot gnu.org> 2011-03-30 09:26:13 UTC ---
dup then.

*** This bug has been marked as a duplicate of bug 5258 ***

