https://bugs.llvm.org/show_bug.cgi?id=33725
Bug ID: 33725
Summary: std::basic_stringbuf can't handle put areas > 2GB
Product: libc++
Version: 4.0
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P
Component: All Bugs
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected], [email protected]
This crashes on x86_64:
#include <sstream>
int main()
{
std::string str(2147483648, 'a');
std::stringbuf sb(str, std::ios::ate|std::ios::out);
sb.sputc('a');
}
The problem is that the xnext pointer for the put area is below the xbeg
pointer, so the sputc write happens outside the std::string member.
#include <sstream>
#include <cassert>
struct SB : std::stringbuf
{
SB() : std::stringbuf(std::ios::ate|std::ios::out) { }
const char* pubpbase() const { return pbase(); }
const char* pubpptr() const { return pptr(); }
};
int main()
{
std::string str(2147483648, 'a');
SB sb;
sb.str(str);
assert(sb.pubpbase() <= sb.pubpptr());
}
a.out: ss.cc:16: int main(): Assertion `sb.pubpbase() <= sb.pubpptr()' failed.
The problem is that a 64-bit value is passed to basic_streambuf::pbump(int)
which overflows, producing a large negative value that gets added to the pbase
pointer. You need to call pbump in a loop when the argument is greater than
MAX_INT.
--
You are receiving this mail because:
You are on the CC list for the bug._______________________________________________
llvm-bugs mailing list
[email protected]
http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
