Opened 9 years ago
Closed 9 years ago
#9335 closed Bugs (fixed)
default constructed split_iterator has UB when copy constructed
| Reported by: | Owned by: | Marshall Clow | |
|---|---|---|---|
| Milestone: | To Be Determined | Component: | string_algo |
| Version: | Boost Development Trunk | Severity: | Problem |
| Keywords: | split_iterator | Cc: | gromer@… |
Description
The copy constructor for split_iterator is:
split_iterator( const split_iterator& Other ) :
base_type(Other),
m_Match(Other.m_Match),
m_Next(Other.m_Next),
m_End(Other.m_End),
m_bEof(Other.m_bEof)
{}
Note that the member copies in the constructor initializer list perform lvalue-to-rvalue conversion. That has undefined behaviour when the value is uninitialized.
The default constructor is implemented as so:
split_iterator() {}
This means that if you default-construct a split_iterator then try to copy it, the copy ctor will exhibit undefined behaviour. I think this was intended to be valid, all default-constructed split_iterators compare equal.
The two possible fixes are to either change the default constructor to initialize the four members, or to change the copy constructor to use memcpy to copy the value representation instead of the object representation (I haven't checked whether all the members are trivially copyable).
Attachments (1)
Change History (6)
comment:1 by , 9 years ago
| Cc: | added |
|---|
comment:2 by , 9 years ago
| Status: | new → assigned |
|---|
comment:3 by , 9 years ago
comment:4 by , 9 years ago
comment:5 by , 9 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Merged to master in cf249c090c3021faebbcf5f6cf5574ce258aa7f6.
I believe all that's necessary here is to initialize m_bEof in the default constructor.
All the other members have default constructors (i.e, are not PODs), so they will be initialized.