This is the mail archive of the
libstdc++@gcc.gnu.org
mailing list for the libstdc++ project.
Re: [PATCH] Tighten length error check in string::replace
Benjamin Kosnik wrote:
>>+void
>>+test05()
>>+{
>>
>>
>
>bool test = true;
>
Ok.
>>+ std::string str01 = "beyond skin";
>>+ std::string str02 = "glam";
>>+
>>+ try {
>>+ str01.replace(8, 7, str02.c_str(), str02.max_size() - 4);
>>+ }
>>+ catch(std::length_error& fail) {
>>+ VERIFY( std::string(fail.what()) == "basic_string::replace" );
>>+ }
>>+ catch(...) {
>>+ VERIFY( false );
>>+ }
>>+}
>>
>>
>Is this really correct behavior, to throw length_error here? I'm
>uncertain.
>
Well, in the past I followed mostly Josuttis in working on such replace
members.
Preliminarily, we should consider that, in case of replace(..., ...,
const char* chars, size_type chars_len) it is assumed that chars has at
least chars_len characters, '\0' has no special meaning and we cannot
control the effective available length of the source data (str02 above
is there only to make available the pointer str01.c_str()).
Second, according to Josuttis at least, replace throws lenght_error if
the /resulting/ size (notice that in order to compute it exactly we need
__foldn1 not __n1) exceeds the maximum number of characters, thus, I
understand, the test I wrote some time ago must be amended to __size -
__foldn1 > this->max_size() - __n2.
For example, in the testcase, __size == 11, __foldn1 == 3,
this->max_size - __n2 == 4 and the test for __throw_length_error is
definitely true.
Notice, moreover, that (my bad!) the current test (__size - __n1 >
this->max_size() - __n2) for sure is not self-consistent, since both
__size and __n1 are unsigned quantities and therefore if the user
specifies __n1 > __size (he can) false positives may result from the
comparison.
Ciao,
Paolo.