Scott Cantor commented on XERCESC-2088:

Neither is safe. You're depending on the compiler's object layout behavior and 
while that was never "right", it is (to my understanding) now explicitly called 
out in the standard as unspecified behavior.

We're basically not on fire but we have to fix it, and we can't depend on the 
position of the member in the class.

> Bad casting from DOMTextImpl to DOMElementImpl
> ----------------------------------------------
>                 Key: XERCESC-2088
>                 URL: https://issues.apache.org/jira/browse/XERCESC-2088
>             Project: Xerces-C++
>          Issue Type: Bug
>          Components: DOM
>    Affects Versions: 3.1.1, 3.1.2, 3.1.3, 3.1.4
>         Environment: ubuntu 16.04 LTS, Intel(R) Core(TM) i7-6700 CPU @ 
> 3.40GHz, 16GB
>            Reporter: Yuseok Jeon
>         Attachments: Actual_result.txt, relationship_tree.jpeg
> Hi all, 
> Our recently developed type confusion detection tool reports a type_confusion 
> error in the "xercesc/dom/imple/DOMCasts.hpp" 
> xercesc/dom/imple/DOMCasts.hpp, line 146
> static inline DOMNodeImpl *castToNodeImpl(const DOMNode *p)
> {
>     DOMElementImpl *pE = (DOMElementImpl *)p;
>     return &(pE->fNode);
> }
> p is pointing to the object allocated as DOMTextImpl, and it is casted into 
> DOMElementImpl. However, since DOMElementImpl is not a subobject of 
> DOMTextImpl, it is violating C++ standard rules 5.2.9/11 (down casting is 
> undefined if the object that the pointer to be casted points to is not a 
> suboject of down casting type) and causes undefined behaviors.
> There are similar type-confusion cases as below links. 
>  - (libstdc++) https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60734
>  - (Firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=1074280
> I attached a actual type confusion report and object relationship 
> information. 

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org
For additional commands, e-mail: c-dev-h...@xerces.apache.org

Reply via email to