https://gcc.gnu.org/bugzilla/show_bug.cgi?id=122062

--- Comment #4 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Jonathan Wakely <r...@gcc.gnu.org>:

https://gcc.gnu.org/g:11ce485bcffac0db005d77e100420535e54d0aa5

commit r16-4099-g11ce485bcffac0db005d77e100420535e54d0aa5
Author: Jonathan Wakely <jwak...@redhat.com>
Date:   Thu Sep 25 17:23:28 2025 +0100

    libstdc++: Fix unsafe comma operators in <random> [PR122062]

    This fixes a 'for' loop in std::piecewise_linear_distribution that
    increments two iterators with a comma operator between them, making it
    vulnerable to evil overloads of the comma operator.

    It also changes a 'for' loop used by some other distributions, even
    though those are only used with std::vector<double>::iterator and so
    won't find any overloaded commas.

    libstdc++-v3/ChangeLog:

            PR libstdc++/122062
            * include/bits/random.tcc (__detail::__normalize): Use void cast
            for operands of comma operator.
            (piecewise_linear_distribution): Likewise.
            * testsuite/26_numerics/random/piecewise_linear_distribution/cons/122062.cc:
            New test.

    Reviewed-by: Tomasz Kamiński <tkami...@redhat.com>
    Reviewed-by: Hewill Kang <hewi...@gmail.com>
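
The failure mode the commit message describes, as an added example that is not code from the commit or from libstdc++: a `for` loop that steps two iterators with `++a, ++b` calls a user-provided `operator,` when the iterator type supplies one, while the void-cast form always uses the built-in comma. The `evil::Iter` type, the call counter and both `dot_*` functions are hypothetical names constructed for this illustration.

```cpp
#include <cstdio>

namespace evil {
// Constructed iterator type; all names here are hypothetical.
struct Iter {
    const double* p;
    double operator*() const { return *p; }
    Iter& operator++() { ++p; return *this; }
    bool operator!=(const Iter& o) const { return p != o.p; }
};
// Counts how often the overloaded comma below gets called.
inline int& comma_calls() { static int n = 0; return n; }
// User-provided comma, found by ADL whenever the left operand is an Iter.
template<class T>
void operator,(const Iter&, T&&) { ++comma_calls(); }
}  // namespace evil

// Unguarded form: "++a, ++b" resolves to evil::operator, for evil::Iter.
template<class It>
double dot_unguarded(It a, It end, It b) {
    double sum = 0;
    for (; a != end; ++a, ++b) sum += *a * *b;
    return sum;
}

// Guarded form: a void operand cannot match any overload, so the
// built-in comma is used.
template<class It>
double dot_guarded(It a, It end, It b) {
    double sum = 0;
    for (; a != end; (void)++a, (void)++b) sum += *a * *b;
    return sum;
}

int main() {
    const double xs[] = {1, 2, 3}, ws[] = {4, 5, 6};  // constructed sample data
    evil::Iter a{xs}, e{xs + 3}, b{ws};
    double r1 = dot_unguarded(a, e, b);
    int after_unguarded = evil::comma_calls();
    double r2 = dot_guarded(a, e, b);
    std::printf("%g %g hook calls: %d then %d\n", r1, r2,
                after_unguarded, evil::comma_calls());
}
```

Here the overload only counts calls; an overload that is deleted or has other side effects would instead break compilation or change behaviour of the unguarded loop.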
