public inbox for gcc-patches@gcc.gnu.org
From: Kefu Chai <tchaikov@gmail.com>
To: libstdc++@gcc.gnu.org
Cc: gcc-patches@gcc.gnu.org, Kefu Chai <tchaikov@gmail.com>,
	Kefu Chai <kefu.chai@scylladb.com>,
	Jonathan Wakely <jwakely@redhat.com>
Subject: [PATCH v2 1/1] libstdc++: Set _M_string_length before calling _M_dispose() [PR109703]
Date: Wed,  3 May 2023 10:17:13 +0800	[thread overview]
Message-ID: <20230503021713.1146069-2-tchaikov@gmail.com> (raw)
In-Reply-To: <20230503021713.1146069-1-tchaikov@gmail.com>

This patch always sets _M_string_length in the constructor specialized
for a range of input_iterator, for cases like istringstream.

We copy from source range to the local buffer, and then reallocate to
a larger one if necessary. When disposing the old buffer, the old buffer
could be provisioned by the local buffer or an allocated buffer.
_M_is_local() is used to tell if the buffer is the local one or not. In
addition to comparing the buffer address with the local buffer, this
function also performs a sanity check on whether _M_string_length is
greater than _S_local_capacity; if the check fails, __builtin_unreachable()
is called. But we failed to set _M_string_length in this constructor,
which is specialized for std::input_iterator. So, if UBSan is enabled
when compiling the source, there are chances that the uninitialized data
in _M_string_length is greater than _S_local_capacity, and the application
aborts with a runtime error or exception emitted by UBSan.

In this change, to avoid the false alarm, _M_string_length is
initialized to zero before doing anything else, so that _M_is_local()
doesn't see an uninitialized value.

This issue only surfaces when constructing a string with a range of
input_iterator, and the uninitialized _M_string_length is greater than
_S_local_capacity, i.e., 15.

libstdc++-v3/ChangeLog:

        PR libstdc++/109703
        * include/bits/basic_string.h (basic_string(Iter, Iter, Alloc)):
        Initialize _M_string_length.

Signed-off-by: Kefu Chai <kefu.chai@scylladb.com>
Co-authored-by: Jonathan Wakely <jwakely@redhat.com>
---
 libstdc++-v3/include/bits/basic_string.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libstdc++-v3/include/bits/basic_string.h b/libstdc++-v3/include/bits/basic_string.h
index 8247ee6bdc6..b16b2898b62 100644
--- a/libstdc++-v3/include/bits/basic_string.h
+++ b/libstdc++-v3/include/bits/basic_string.h
@@ -760,7 +760,7 @@ _GLIBCXX_BEGIN_NAMESPACE_CXX11
 	_GLIBCXX20_CONSTEXPR
         basic_string(_InputIterator __beg, _InputIterator __end,
 		     const _Alloc& __a = _Alloc())
-	: _M_dataplus(_M_local_data(), __a)
+	: _M_dataplus(_M_local_data(), __a), _M_string_length(0)
 	{
 #if __cplusplus >= 201103L
 	  _M_construct(__beg, __end, std::__iterator_category(__beg));
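Review bot: the diffstat shows only the header changing (`1 file changed`), so nothing in the testsuite exercises the input-iterator constructor through a reallocating range under -fsanitize=undefined; consider adding a test under libstdc++-v3/testsuite that constructs a std::string from `std::istreambuf_iterator<char>` over an istringstream longer than 15 characters, so the path described in the commit message is covered. Also, since the hunk only shows the C++11 `_M_construct` call under `#if __cplusplus >= 201103L`, it is worth confirming that the pre-C++11 branch of this constructor, not shown here, likewise relies on the new `_M_string_length(0)` mem-initializer rather than on an assignment of its own.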
-- 
2.40.1
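The trigger path the commit message describes, as an added example that is not part of the patch or of libstdc++: a miniature SSO string (the hypothetical `TinyString`) with the same local-buffer/length layout and an `_M_is_local()`-style sanity check, written with the fix applied. It is built from a `std::istringstream` through `std::istreambuf_iterator`, the input_iterator case named above, so that the 15-character boundary and the reallocating path are both exercised. The helpers `via_input_range` and `stdlib_string_from_stream` are my own names.

```cpp
// Added example, not libstdc++ code: a toy SSO string modelled on the layout
// the patch touches, with the fix (length initialised before any dispose).
#include <cassert>
#include <cstddef>
#include <cstdlib>
#include <cstring>
#include <iostream>
#include <iterator>
#include <sstream>
#include <string>

class TinyString {
    static constexpr std::size_t local_capacity = 15; // same SSO size as libstdc++
    char* data_;                           // points at local_buf_ or a heap buffer
    std::size_t length_;                   // must be valid before any is_local() call
    char local_buf_[local_capacity + 1];   // in-object storage for short strings

    bool is_local() const {
        // Mirrors the sanity check in the commit message: a local buffer can
        // never hold more than local_capacity characters, so a larger length
        // here means the object is in an impossible state.
        if (length_ > local_capacity) {
#if defined(__GNUC__)
            __builtin_unreachable();       // UBSan reports this when reached
#else
            std::abort();
#endif
        }
        return data_ == local_buf_;
    }

    void dispose() {
        if (!is_local())
            delete[] data_;
    }

public:
    // The fix: length_ is initialised in the mem-initializer list, so the
    // is_local() call inside dispose() never reads an indeterminate value
    // while the range is still being copied.
    template <class InputIt>
    TinyString(InputIt first, InputIt last)
        : data_(local_buf_), length_(0)
    {
        std::size_t len = 0;
        std::size_t cap = local_capacity;
        // Phase 1: fill the local buffer straight from the input iterators.
        while (first != last && len < cap) {
            data_[len++] = *first;
            ++first;
        }
        // Phase 2: the range exceeds the SSO buffer; grow geometrically and
        // dispose of the old buffer each time. This is the path that called
        // the is_local() check with an uninitialised length before the patch.
        while (first != last) {
            if (len == cap) {
                std::size_t new_cap = cap * 2;
                char* p = new char[new_cap + 1];
                std::memcpy(p, data_, len);
                dispose();                 // consults length_ via is_local()
                data_ = p;
                cap = new_cap;
            }
            data_[len++] = *first;
            ++first;
        }
        data_[len] = '\0';
        length_ = len;                     // final length stored last, as in _M_construct
    }
    ~TinyString() { dispose(); }
    TinyString(const TinyString&) = delete;
    TinyString& operator=(const TinyString&) = delete;

    std::size_t size() const { return length_; }
    const char* c_str() const { return data_; }
    bool uses_local_buffer() const { return is_local(); }
};

// Build a TinyString from a stream through istreambuf_iterator (a pure
// input_iterator) and report whether it ended up in the local buffer.
static std::string via_input_range(const std::string& text, bool* local) {
    std::istringstream in(text);
    TinyString s{std::istreambuf_iterator<char>(in), std::istreambuf_iterator<char>()};
    if (local) *local = s.uses_local_buffer();
    return std::string(s.c_str(), s.size());
}

// The same construction with the real std::string, i.e. the constructor the
// patch modifies; with the fix applied this is clean under -fsanitize=undefined.
static std::string stdlib_string_from_stream(const std::string& text) {
    std::istringstream in(text);
    return std::string(std::istreambuf_iterator<char>(in), std::istreambuf_iterator<char>());
}

int main() {
    bool local = false;
    std::string s = via_input_range("0123456789abcdef", &local); // 16 chars: reallocates
    std::cout << s << " local=" << local << '\n';
    std::cout << stdlib_string_from_stream("hello") << '\n';
    return 0;
}
```

The constructor deliberately stores the final length only after the copy, matching the order `_M_construct` uses, which is exactly why the `length_(0)` mem-initializer is what keeps the `is_local()` check sound during the growth loop; a constructed 15-character input stays in the local buffer, and one character more forces the reallocating path.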


     [not found] <20230501070622.847749-2-tchaikov@gmail.com>
2023-05-03  2:17 ` [PATCH v2 0/1] Set _M_string_length before calling _M_dispose() Kefu Chai
2023-05-03  2:17   ` Kefu Chai [this message]
2023-05-03 12:22   ` Jonathan Wakely
2023-05-03 12:30     ` kefu chai
