Uploaded image for project: 'C++ Standard Library'
  1. C++ Standard Library
  2. STDCXX-67

std::istream::getline(buffer, 0) writes past the end of buffer

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 4.1.2
    • 4.1.3
    • 27. Input/Output
    • None

    • all

    Description

      The program below aborts on line 20 on all platforms indicating that std::istream::getline(buffer, 0) writes past the end of the zero-size buffer.

      $ cat -n t.cpp && nice gmake t -r && ./t
      1 #include <cassert>
      2 #include <sstream>
      3
      4 int main ()
      5 {
      6 std::istringstream strm ("\n\n");
      7
      8 char s [3] =

      { 'x', 'y', 'z' }

      ;
      9
      10 strm.getline (s, 0);
      11
      12 // 27.6.1.3, p17, bullet 2:
      13 // Characters are extracted and stored until c == delim for the next
      14 // available input character c.
      15
      16 assert (strm.goodbit == strm.rdstate ());
      17 assert (1 == strm.gcount ());
      18 assert ('x' == s [0]);
      19 assert ('y' == s [1]);
      20 assert ('z' == s [2]);
      21
      22 strm.getline (s, 1);
      23
      24 // 27.6.1.3, p17, bullet 3:
      25 // Characters are extracted and stored until (n - 1) characters
      26 // are stored (in which case the function calls setstate(failbit)).
      27 // p20:
      28 // In any case, it then stores a null character (using charT()) into
      29 // the next successive location of the array.
      30
      31 assert (strm.goodbit == strm.rdstate ());
      32 assert (1 == strm.gcount ());
      33 assert ('\0' == s [0]);
      34 assert ('y' == s [1]);
      35 assert ('z' == s [2]);
      36
      37 strm.clear ();
      38 strm.getline (s, 2);
      39
      40 // 27.6.1.3, p17, bullet 1:
      41 // Characters are extracted and stored until end-of-file occurs on
      42 // the input sequence (in which case the function calls setstate(eofbit))
      43 // p20:
      44 // In any case, it then stores a null character (using charT()) into
      45 // the next successive location of the array.
      46
      47 assert ((strm.eofbit | strm.failbit) == strm.rdstate ());
      48 assert (0 == strm.gcount ());
      49 assert ('\0' == s [0]);
      50 assert ('y' == s [1]);
      51 assert ('z' == s [2]);
      52 }
      aCC -c -D_RWSTDDEBUG -mt -D_RWSTD_USE_CONFIG -I/build/sebor/aCC-6.0-15S/include -I/build/sebor/dev/stdlib/include -I/build/sebor/dev/stdlib/../rwtest -I/build/sebor/dev/stdlib/../rwtest/include -I/build/sebor/dev/stdlib/tests/include -AA -g +d +DD64 +w +W392 +W655 +W684 +W818 +W819 +W849 +W2193 +W2236 +W2261 +W2340 +W2401 +W2487 t.cpp
      aCC t.o -o t -L/build/sebor/aCC-6.0-15S/rwtest -lrwtest15S -AA +nostl -Wl,+s -L/build/sebor/aCC-6.0-15S/lib -mt +DD64 -L/build/sebor/aCC-6.0-15S/lib -lstd15S -lm
      Assertion failed: 'z' == s [2], file t.cpp, line 20
      ABORT instruction (core dumped)

      Attachments

        Activity

          People

            sebor Martin Sebor
            sebor Martin Sebor
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 1h
                1h