[Bug libstdc++/43483] New: STL sort SIGSEV

richardlee at snowshoefox dot com gcc-bugzilla@gcc.gnu.org
Mon Mar 22 19:58:00 GMT 2010


The STL sort implementation in stl_algo.h SIGSEGVs under certain conditions due
to not checking the positions of the __first and __last iterators.

Here is a diff between a working version and the buggy version in 4.4.1:

2228d2227
<       int len = __last - __first;
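Review bot: `int len = __last - __first;` at 2228 stores an iterator difference in an `int`, which can truncate for large ranges on the x86_64 host named in this report. Use the iterator's `difference_type` (from `std::iterator_traits`) for the counter instead.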
2231c2230
<         while (__first != __last && __comp(*__first, __pivot))
---
> 	  while (__comp(*__first, __pivot))
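Review bot: the report gives no comparator or input for which `while (__comp(*__first, __pivot))` at 2230 runs past `__last`. std::sort requires `__comp` to be a strict weak ordering, and a comparator that returns true for equal elements can keep this loop advancing, so a minimal test case with the comparator is needed before adding a per-iteration `__first != __last` check to the inner loop.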
2233,2234c2232,2233
<         --__last; 
<         while (len-- > 0 && __comp(__pivot, *__last))
---
> 	  --__last;
> 	  while (__comp(__pivot, *__last))
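Review bot: in `while (len-- > 0 && __comp(__pivot, *__last))`, `len` is, as far as the visible lines show, set once at 2228 and only decremented, so it does not track how far `__first` has advanced, and the `--__last;` before it runs with no check at all. Bound this loop on the iterators themselves, as the other loop does with `__first != __last`, and test before the decrement.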

The fix is to make sure __first and __last stay within the boundary of
[__first, __last).


-- 
           Summary: STL sort SIGSEV
           Product: gcc
           Version: 4.4.1
            Status: UNCONFIRMED
          Severity: major
          Priority: P3
         Component: libstdc++
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: richardlee at snowshoefox dot com
  GCC host triplet: 2.6.31-20-generic #58-Ubuntu SMP x86_64 GNU/Linux


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=43483


