Hello, I've submitted a PR to fix a static analysis warning in Boost.Regex: https://github.com/boostorg/regex/pull/263
- return (n > ::boost::regex_constants::error_unknown) ? s_default_error_messages[::boost::regex_constants::error_unknown] : s_default_error_messages[n]; + typedef typename std::make_unsigned<regex_constants::error_type>::type unsigned_type; + return (static_cast<unsigned_type>(n) > ::boost::regex_constants::error_unknown) ? s_default_error_messages[::boost::regex_constants::error_unknown] : s_default_error_messages[n]; The function get_default_error_string() in regex_traits_defaults.hpp<https://github.com/boostorg/regex/blob/develop/include/boost/regex/v5/regex_traits_defaults.hpp> triggers warning C33010 (unchecked lower bound for enum used as index)<https://learn.microsoft.com/en-us/cpp/code-quality/c33010?view=msvc-170>. There are regulations that require the Windows product to address all occurrences of this warning in any open-source code pulled into the Windows repository. I'm addressing this in the short term by using a Vcpkg overlay port to apply the patch from my PR, but I would like to upstream the fix so I can switch back to the default Vcpkg port for Boost in the future once the fix is released. The fix simply casts the enum value to an unsigned type before doing a bounds check. This ensures that negative values are treated as large positive values in the comparison so they will be detected to be out of bounds. I used a typedef with std::make_unsigned for the type used in the cast. This was done to be consistent with similar code farther up in the file in the is_extended function. Thanks, Phil _______________________________________________ Boost-users mailing list -- [email protected] To unsubscribe send an email to [email protected] https://lists.boost.org/mailman3/lists/boost-users.lists.boost.org/ Archived at: https://lists.boost.org/archives/list/[email protected]/message/VL2QRA7TAJIX4DTRORMM524IJJ34K6MT/
