Opened 6 years ago
Last modified 6 years ago
#12604 new Bugs
neither scoped_array nor checked_delete do check for nullptr
Reported by: | | Owned by: | Peter Dimov |
---|---|---|---|
Milestone: | To Be Determined | Component: | smart_ptr |
Version: | Boost 1.62.0 | Severity: | Problem |
Keywords: | | Cc: | Matthias.Werner1@… |
Description
Hi, I recently ran across a problem where a scoped_array::reset was called with a nullptr argument. As this is not checked within scoped_array::reset or further down the callstack in scoped_array::swap, a checked_delete was called on a nullptr and threw a Segfault. For me, I'd consider this a bug as scoped_array assumes ownership and hence is responsible for deleting its allocated memory. The problem occurred during an ill-posed usage of the boost utf as documented in the file attached.
Attachments (1)
Change History (5)
by , 6 years ago
comment:1 by , 6 years ago
comment:2 by , 6 years ago
I am lost ... on every machine I tried, the attached code throws a segfault.
```
$ ./test
Running 1 test case...
*** No errors detected
Segmentation fault (core dumped)
```
Can you elaborate what you mean that nullptr is a valid argument to checked_delete? Looking at the code, I see
```cpp
template<class T> inline void checked_delete(T * x)
{
    // intentionally complex - simplification causes regressions
    typedef char type_must_be_complete[ sizeof(T)? 1: -1 ];
    (void) sizeof(type_must_be_complete);
    delete x;
}

template<class T> inline void checked_array_delete(T * x)
{
    typedef char type_must_be_complete[ sizeof(T)? 1: -1 ];
    (void) sizeof(type_must_be_complete);
    delete [] x;
}
```
At no point does either checked_delete or checked_array_delete actually check if (x != 0x0). Just wondering if this is expected from the client to checked delete? If yes, then scoped_array should check if the arguments to scoped_array::reset or scoped_array::swap are not 0x0.
comment:3 by , 6 years ago
nullptr is a valid argument for delete. There's no need to check.

I tried your example with the current develop branch of Boost, it may be fixed. I'll try with 1.62.0.
comment:4 by , 6 years ago
My mistake, I shouldn't submit bug reports on a Friday ... I mixed up code versions and thought that boost had a problem. Sorry for the noise and thank you for your patience.
nullptr is a valid argument for checked_delete, which basically calls delete. Your test case works for me.
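
The point settled in this thread, as an added example (not code from the ticket, its attachment, or Boost): `delete` and `delete[]` accept a null pointer, so an owner that resets through a temporary and a swap needs no explicit null check. `checked_array_delete_demo`, `Tracked`, `mini_scoped_array` and `run_null_reset_scenario` are hypothetical names, and the holder is a simplified stand-in that assumes the reset-via-swap idiom, not Boost's `scoped_array`.

```cpp
// Same shape as the helper quoted in the ticket: the typedef only forces T to
// be a complete type; the delete-expression itself accepts a null pointer.
template<class T> inline void checked_array_delete_demo(T* x)
{
    typedef char type_must_be_complete[sizeof(T) ? 1 : -1];
    (void) sizeof(type_must_be_complete);
    delete[] x;  // no effect when x is null
}

// Constructed element type: counts live objects so a leak or double free shows.
struct Tracked
{
    static int live;
    Tracked() { ++live; }
    ~Tracked() { --live; }
};
int Tracked::live = 0;

// Hypothetical minimal owner using the reset-via-temporary-and-swap idiom.
template<class T> class mini_scoped_array
{
    T* px_;
    mini_scoped_array(mini_scoped_array const&);            // non-copyable
    mini_scoped_array& operator=(mini_scoped_array const&);
public:
    explicit mini_scoped_array(T* p = 0) : px_(p) {}
    ~mini_scoped_array() { checked_array_delete_demo(px_); }
    void swap(mini_scoped_array& o) { T* t = o.px_; o.px_ = px_; px_ = t; }
    void reset(T* p = 0) { mini_scoped_array(p).swap(*this); }
    T* get() const { return px_; }
};

// Returns the count of live Tracked objects at the end (0 when ownership is
// handled correctly) or -1 if an intermediate state is not as expected.
int run_null_reset_scenario()
{
    checked_array_delete_demo(static_cast<Tracked*>(0));  // null passed directly
    {
        mini_scoped_array<Tracked> a(new Tracked[3]);
        if (Tracked::live != 3) return -1;
        a.reset(0);               // temporary takes the array and frees it
        if (Tracked::live != 0 || a.get() != 0) return -1;
        a.reset(0);               // empty to empty: delete[] sees null
        a.reset(new Tracked[2]);
        if (Tracked::live != 2) return -1;
    }                             // destructor frees the remaining array
    return Tracked::live;
}

int main() { return run_null_reset_scenario(); }
```

Building this with AddressSanitizer (`-fsanitize=address`) is a quick way to confirm that a crash like the one in the report comes from somewhere other than the null `delete[]`.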