This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Fix writing beyond array bounds in codecvt/unshift/char/1.cc

On 22 April 2010 15:12, Alexander Monakov wrote:
>> But now when c_lit+size is passed to cvt->in() and cvt->out() it will
>> be too large.
>
> Sorry, I do not agree. ?Those are past-the-end iterators used to define a
> sequence [c_lit, c_lit+size) (right end not inclusive) and must be legal.
> Or am I missing something?

Yes, you're missing that c_lit+strlen(c_lit) is already past-the-end,
i.e. it points to the nul terminator in the last element of c_lit.

If you pass c_lit+strlen(c_lit)+1 then that is one  past the nul
terminator, and so codecvt::in will try to read the nul, which is not
necessary.
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]