r280061 - in /trunk/libstdc++-v3: ChangeLog inc...

redi@gcc.gnu.org redi@gcc.gnu.org
Thu Jan 9 16:50:00 GMT 2020

Author: redi
Date: Thu Jan  9 16:50:51 2020
New Revision: 280061

URL: https://gcc.gnu.org/viewcvs?rev=280061&root=gcc&view=rev
libstdc++: Fix undefined behaviour in random dist serialization (PR93205)

The deserialization functions for random number distributions fail to
check the stream state before using the extracted values. In some cases
this leads to using indeterminate values to resize a vector, and then
filling that vector with indeterminate values.

No values that affect control flow should be used without checking that a
good value was read from the stream.

Additionally, where reasonable to do so, defer modifying any state in
the distribution until all values have been successfully read, to avoid
modifying some of the distribution's parameters and leaving others

	PR libstdc++/93205
	* include/bits/random.h (operator>>): Check stream operation succeeds.
	* include/bits/random.tcc (operator<<): Remove redundant __ostream_type
	(operator>>): Remove redundant __istream_type typedefs. Check stream
	operations succeed.
	(__extract_params): New function to fill a vector from a stream.
	* testsuite/26_numerics/random/pr60037-neg.cc: Adjust dg-error line.


More information about the Libstdc++-cvs mailing list