Opened 10 years ago
Closed 10 years ago
#8337 closed Bugs (fixed)
The internal representation of "std::string(this->code()->message())" escapes, but is destroyed when it exits scope.
| Reported by: | Owned by: | viboes | |
|---|---|---|---|
| Milestone: | Boost 1.54.0 | Component: | thread |
| Version: | Boost 1.52.0 | Severity: | Problem |
| Keywords: | Cc: |
Description (last modified by )
Coverity static analysis reported the following problem:
class BOOST_SYMBOL_VISIBLE future_error
: public std::logic_error
{
system::error_code ec_;
public:
future_error(system::error_code ec)
: logic_error(ec.message()),
ec_(ec)
{
}
const system::error_code& code() const BOOST_NOEXCEPT
{
return ec_;
}
const char* what() const BOOST_THREAD_NOEXCEPT_OR_THROW
{
CID 10932 (#2 of 2): Wrapper object use after free (WRAPPER_ESCAPE)1. escape: The internal representation of "std::string(this->code()->message())" escapes, but is destroyed when it exits scope.
return code().message().c_str();
}
};
Change History (5)
comment:1 by , 10 years ago
| Description: | modified (diff) |
|---|---|
| Owner: | changed from to |
| Status: | new → assigned |
follow-up: 3 comment:2 by , 10 years ago
boost::system::error_code::message returns a temporary string, which is destroyed when the function returns. The pointer returned by what() is dangling.
comment:3 by , 10 years ago
Replying to steven_watanabe:
boost::system::error_code::message returns a temporary string, which is destroyed when the function returns. The pointer returned by what() is dangling.
Oh I see. Please could you try just removing the overriding of the what() function?
Note:
See TracTickets
for help on using tickets.
Could you clarify what is the bug?