saddamr3e opened a new pull request, #716:
URL: https://github.com/apache/logging-log4cxx/pull/716
This PR adopts the Safe Buffers Programming Model for the `hexdump()`
implementation by replacing raw buffer access patterns with bounds-aware buffer
views.

The change migrates `hexdump.cpp` from direct pointer arithmetic on
untrusted input buffers to `std::span<const uint8_t>` when building with C++20,
with a lightweight compatibility view for older supported standards. This
reduces the risk of future out-of-bounds memory access bugs while preserving
existing behavior and output formatting.
## Changes

### Safe buffer migration

* Replaced raw pointer indexing and arithmetic in `hexdump()` with bounds-aware buffer views.
* Added `std::span<const uint8_t>` support for C++20 builds.
* Added a minimal compatibility `ByteView` implementation for older supported language standards.
* Ensured all buffer access is performed through view-based indexing and size tracking.

### Character handling hardening

* Updated `isprint()` usage to operate on an unsigned character value, avoiding undefined behavior for negative signed character inputs.

### Regression-prevention infrastructure

* Added compiler detection for `-Wunsafe-buffer-usage`.
* Introduced `LOG4CXX_HAS_WUNSAFE_BUFFER_USAGE`.
* Added optional safe-buffer enforcement controls:
  * `LOG4CXX_ENABLE_SAFE_BUFFERS`
  * `LOG4CXX_SAFE_BUFFERS_AS_ERROR`
* Applied warning enforcement on a per-file basis for migrated sources.
* Preserved compatibility with compilers that do not support the warning.

### Tests

* Added a zero-length buffer test case covering an important boundary condition handled by the new buffer view abstraction.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
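The following is an added illustration of the pattern the PR description outlines; it is not log4cxx's `hexdump.cpp`, nor the PR's `ByteView`, and the output format, the `hexdump_text` helper and the fallback view's interface are assumptions. It shows the three points the description makes: a `std::span<const uint8_t>` view under C++20 with a minimal compatibility view otherwise, `isprint()` fed an unsigned value so a high byte never becomes a negative `int`, and a zero-length buffer handled purely by the view's size in the loop bound, with no raw pointer arithmetic left for clang's `-Wunsafe-buffer-usage` to flag.

```cpp
// Added example (not log4cxx's hexdump.cpp): a hexdump over a bounds-aware byte view.
#include <algorithm>
#include <cctype>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>

#if __cplusplus >= 202002L
#include <span>
// C++20: the standard view carries pointer and size together.
using ByteView = std::span<const std::uint8_t>;
#else
// Pre-C++20 fallback (assumed shape, not the PR's ByteView): just enough of
// the std::span interface for hexdump() below to compile unchanged.
class ByteView {
public:
    ByteView() noexcept : data_(nullptr), size_(0) {}
    ByteView(const std::uint8_t* data, std::size_t size) noexcept : data_(data), size_(size) {}
    std::size_t size() const noexcept { return size_; }
    bool empty() const noexcept { return size_ == 0; }
    const std::uint8_t& operator[](std::size_t i) const noexcept { return data_[i]; }
    // Like std::span::subspan: the caller guarantees offset + count <= size().
    ByteView subspan(std::size_t offset, std::size_t count) const noexcept {
        return ByteView(data_ + offset, count);
    }
private:
    const std::uint8_t* data_;
    std::size_t size_;
};
#endif

// Render `bytes` as classic hexdump lines: offset, 16 hex columns, ASCII gutter.
// Every access goes through the view's size() and operator[], so the loop bound
// is the view itself; a zero-length view yields an empty string without any
// special case.
std::string hexdump(ByteView bytes) {
    static const std::size_t kBytesPerLine = 16;
    std::string out;
    char buf[32];
    for (std::size_t offset = 0; offset < bytes.size(); offset += kBytesPerLine) {
        const std::size_t n = std::min(kBytesPerLine, bytes.size() - offset);
        const ByteView line = bytes.subspan(offset, n);  // never past the remaining bytes

        std::snprintf(buf, sizeof buf, "%08zx  ", offset);
        out += buf;
        for (std::size_t i = 0; i < kBytesPerLine; ++i) {
            if (i < line.size()) {
                std::snprintf(buf, sizeof buf, "%02x ", static_cast<unsigned>(line[i]));
                out += buf;
            } else {
                out += "   ";  // pad a short final line so the ASCII gutter stays aligned
            }
            if (i == 7) out += ' ';
        }
        out += '|';
        for (std::size_t i = 0; i < line.size(); ++i) {
            // isprint() requires EOF or a value representable as unsigned char;
            // passing a negative signed char (e.g. 0x80 where char is signed) is UB.
            const unsigned char c = line[i];
            out += std::isprint(c) ? static_cast<char>(c) : '.';
        }
        out += "|\n";
    }
    return out;
}

// Convenience for text buffers (assumed helper): reinterpret the chars as
// unsigned bytes once, at the boundary, rather than at every isprint() call.
std::string hexdump_text(const std::string& text) {
    return hexdump(ByteView(reinterpret_cast<const std::uint8_t*>(text.data()), text.size()));
}

int main() {
    // Constructed sample: printable text, a high byte, and a newline.
    const std::string sample("Hi\x80\n");
    std::fputs(hexdump_text(sample).c_str(), stdout);
    std::fputs(hexdump(ByteView()).empty() ? "zero-length: no output\n" : "unexpected\n", stdout);
    return 0;
}
```

The `#if __cplusplus >= 202002L` switch is the whole compatibility story: `hexdump()` is written once against the `std::span` surface (`size()`, `operator[]`, `subspan()`), and the fallback only has to provide that surface, which is what keeps the migrated function free of pointer arithmetic on either standard.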