C++ Standard Library
  1. C++ Standard Library
  2. STDCXX-68

[MSVC 8.0] strxfrm(s1, s2, 0) writes past the end of the destination buffer

    Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: 4.1.2
    • Fix Version/s: None
    • Component/s: External
    • Labels:
      None
    • Environment:

      MSVC 8

      Description

      From
      http://lab.msdn.microsoft.com/ProductFeedback/viewfeedback.aspx?feedbackid=b41c0882-79d0-412b-b404-d9ecb1952c31
      ======================================================================
      Bug ID: FDBK40793
      Problem Type: Bug
      Status: New
      Microsoft Status: Under Review
      Opened Date: 2005-11-18 16:06:05
      Opened By: Martin Sebor
      Product/Technology: Visual C++
      Version: Visual Studio 2005
      Product Language: English
      Category: Libraries
      OS: Windows 2000 Server
      OS Language: US English
      Submission Language: English
      ======================================================================
      Description:
      Opened by Martin Sebor on 2005-11-18 at 16:06:05

      The C standard library function strxfrm() writes past the end of the destination
      buffer.

      ======================================================================
      Steps to Reproduce:

      $ cat t.cpp && cl t.cpp && ./t.exe
      #include <assert.h>
      #include <locale.h>
      #include <string.h>

      int main ()
      {
      setlocale (LC_COLLATE, "CAT");

      char s1 [2] =

      { '*', '*' }

      ;
      strxfrm (s1, "", 0);
      assert ('' == s1 [0] && '' == s1 [1]);
      }
      Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 14.00.50727.42 for 80x86
      Copyright (C) Microsoft Corporation. All rights reserved.

      t.cpp
      Microsoft (R) Incremental Linker Version 8.00.50727.42
      Copyright (C) Microsoft Corporation. All rights reserved.

      /out:t.exe
      t.obj
      Assertion failed: '' == s1 [0] && '' == s1 [1], file t.cpp, line 11

      This application has requested the Runtime to terminate it in an unusual way.
      Please contact the application's support team for more information.
      ======================================================================
      Actual Results: Runtime error.
      Expected Results: No error.

        Issue Links

          Activity

          Hide
          Martin Sebor added a comment -

          Unfortunatley, it's become impossible to track the bug with Microsoft because the page is hidden. The ProductFeedback link above is redirected to a "hidden" page (http://lab.msdn.microsoft.com/ProductFeedback/error.aspx?msg=hidden) with the following information:

          Page is hidden

          This feedback is not being displayed because it may identify a possible security vulnerability.

          Please re-submit this feedback, and all other security-related issues, at http://www.microsoft.com/technet/security/bulletin/alertus.aspx. Please refer to our FAQ for more details.

          Show
          Martin Sebor added a comment - Unfortunatley, it's become impossible to track the bug with Microsoft because the page is hidden. The ProductFeedback link above is redirected to a "hidden" page ( http://lab.msdn.microsoft.com/ProductFeedback/error.aspx?msg=hidden ) with the following information: Page is hidden This feedback is not being displayed because it may identify a possible security vulnerability. Please re-submit this feedback, and all other security-related issues, at http://www.microsoft.com/technet/security/bulletin/alertus.aspx . Please refer to our FAQ for more details.
          Hide
          Martin Sebor added a comment -

          Can't fix or schedule bugs in external dependencies.

          Show
          Martin Sebor added a comment - Can't fix or schedule bugs in external dependencies.
          Hide
          Farid Zaripov added a comment -

          This bug has been fixed in MSVC 9.0 beta2.

          Show
          Farid Zaripov added a comment - This bug has been fixed in MSVC 9.0 beta2.

            People

            • Assignee:
              Martin Sebor
              Reporter:
              Martin Sebor
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:

                Development