https://svn.boost.org/trac10/ticket/13579 <p> In boost/algorithm/string/detail/classification.hpp, is_any_ofF contains a fixed buffer </p> <p> <em> </em></p> <pre class="wiki">set_value_type m_fixSet[sizeof(set_value_type*)*2]; </pre><p> This buffer is used for storage when the following predicate holds: </p> <pre class="wiki">static bool use_fixed_storage(std::size_t size) { return size&lt;=sizeof(set_value_type*)*2; } </pre><p> </p> <p> Note that as the RHS of the inequality is measured in bytes, the argument <em>size</em> should also be measured in bytes. However, a typical use is as follows: </p> <pre class="wiki">std::size_t Size=::boost::distance(Range); m_Size=Size; if(use_fixed_storage(m_Size)) </pre><p> boost::distance does not return a value in bytes; it returns the length of a sequence. It's quite possible for e.g. a sequence of length 2 to occupy 16 bytes. </p> <p> This results in reads past the end of m_fixSet, and consequent segfaults. </p> en-us /htdocs/site/boost.png https://svn.boost.org/trac10/ticket/13579 Trac 1.4.3 Kohei Takahashi Thu, 31 May 2018 03:28:19 GMT https://svn.boost.org/trac10/ticket/13579#comment:1 https://svn.boost.org/trac10/ticket/13579#comment:1 <ul> <li><strong>owner</strong> set to <span class="trac-author">Marshall Clow</span> </li> <li><strong>component</strong> <span class="trac-field-old">None</span> → <span class="trac-field-new">string_algo</span> </li> </ul> Ticket Marshall Clow Wed, 13 Jun 2018 20:24:35 GMT