From: Kefu Chai
To: libstdc++@gcc.gnu.org
Cc: gcc-patches@gcc.gnu.org, Kefu Chai, Kefu Chai, Jonathan Wakely
Subject: [PATCH v2 1/1] libstdc++: Set _M_string_length before calling _M_dispose() [PR109703]
Date: Wed, 3 May 2023 10:17:13 +0800
Message-Id: <20230503021713.1146069-2-tchaikov@gmail.com>
In-Reply-To: <20230503021713.1146069-1-tchaikov@gmail.com>
References: <20230501070622.847749-2-tchaikov@gmail.com> <20230503021713.1146069-1-tchaikov@gmail.com>

This patch always sets _M_string_length in the constructor specialized for a range of input_iterator, for cases like istringstream.

We copy from the source range to the local buffer, and then reallocate to a larger one if necessary. When disposing the old buffer, the old buffer could be provisioned by the local buffer or an allocated buffer. _M_is_local() is used to tell if the buffer is the local one or not. In addition to comparing the buffer address with the local buffer, this function also performs a sanity check on whether _M_string_length is greater than _S_local_capacity; if the check fails, __builtin_unreachable() is called. But we failed to set _M_string_length in this constructor specialized for std::input_iterator. So, if UBSan is enabled when compiling the source, there are chances that the uninitialized data in _M_string_length is greater than _S_local_capacity, and the application aborts with a runtime error or exception emitted by UBSan.

In this change, to avoid the false alarm, _M_string_length is initialized to zero before doing anything else, so that _M_is_local() doesn't see an uninitialized value. This issue only surfaces when constructing a string with a range of input_iterator, and the uninitialized _M_string_length is greater than _S_local_capacity, i.e., 15. libstdc++-v3/ChangeLog: PR libstdc++/109703 * include/bits/basic_string.h (basic_string(Iter, Iter, Alloc)): Initialize _M_string_length. Signed-off-by: Kefu Chai Co-authored-by: Jonathan Wakely --- libstdc++-v3/include/bits/basic_string.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libstdc++-v3/include/bits/basic_string.h b/libstdc++-v3/include/bits/basic_string.h index 8247ee6bdc6..b16b2898b62 100644 --- a/libstdc++-v3/include/bits/basic_string.h +++ b/libstdc++-v3/include/bits/basic_string.h @@ -760,7 +760,7 @@ _GLIBCXX_BEGIN_NAMESPACE_CXX11 _GLIBCXX20_CONSTEXPR basic_string(_InputIterator __beg, _InputIterator __end, const _Alloc& __a = _Alloc()) - : _M_dataplus(_M_local_data(), __a) + : _M_dataplus(_M_local_data(), __a), _M_string_length(0) { #if __cplusplus >= 201103L _M_construct(__beg, __end, std::__iterator_category(__beg)); -- 2.40.1
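
Review bot: no regression test accompanies the new _M_string_length(0) initializer in the basic_string(_InputIterator, _InputIterator, const _Alloc&) constructor; the diffstat lists basic_string.h as the only file changed. Consider adding a test that constructs a string longer than _S_local_capacity (15) from an input-iterator range, such as the istringstream case the commit message names, so that the reallocate-and-dispose path is exercised under UBSan. The message also describes the UBSan report as a false alarm, yet by its own account _M_is_local() reads _M_string_length before anything has written it and feeds that value into a check guarded by __builtin_unreachable(); that is a genuine read of an uninitialized member, and the wording could say so. Finally, the subject line says the length is set "before calling _M_dispose()" while the ChangeLog entry says "Initialize _M_string_length"; the ChangeLog wording matches what the mem-initializer does, so the subject could be aligned with it.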