diff options
author | Eric Fiselier <eric@efcs.ca> | 2017-03-09 01:54:13 +0000 |
---|---|---|
committer | Eric Fiselier <eric@efcs.ca> | 2017-03-09 01:54:13 +0000 |
commit | 3b7c1348ca31918186362fa75cd14c33ec2e72f4 (patch) | |
tree | b3707bd37d03556d235b14c099671f4a7973289c | |
parent | 15da97cb66c806b3b7e57a5601f3dae7fdbd56d5 (diff) | |
download | external_libcxx-3b7c1348ca31918186362fa75cd14c33ec2e72f4.tar.gz external_libcxx-3b7c1348ca31918186362fa75cd14c33ec2e72f4.tar.bz2 external_libcxx-3b7c1348ca31918186362fa75cd14c33ec2e72f4.zip |
Disable unsigned integer sanitizer for basic_string::replace(). Patch from tomcherry@google.com
basic_string::replace() has the below line
__sz += __n2 - __n1;
which fails overflow checks if __n1 > __n2, as the negative result
from the subtraction then overflows the original __sz when added to
it.
This behavior is valid as unsigned integer overflow is defined to wrap
around the maximum value and that produces the correct final value for
__sz. Therefore, we disable this check on this function.
git-svn-id: https://llvm.org/svn/llvm-project/libcxx/trunk@297355 91177308-0d34-0410-b5e6-96231b3b80d8
-rw-r--r-- | include/string | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/include/string b/include/string index 3d14e0e62..e1c64faf9 100644 --- a/include/string +++ b/include/string @@ -2560,6 +2560,7 @@ basic_string<_CharT, _Traits, _Allocator>::insert(const_iterator __pos, size_typ template <class _CharT, class _Traits, class _Allocator> basic_string<_CharT, _Traits, _Allocator>& basic_string<_CharT, _Traits, _Allocator>::replace(size_type __pos, size_type __n1, const value_type* __s, size_type __n2) + _LIBCPP_DISABLE_UBSAN_UNSIGNED_INTEGER_CHECK { _LIBCPP_ASSERT(__n2 == 0 || __s != nullptr, "string::replace received nullptr"); size_type __sz = size(); @@ -2599,6 +2600,8 @@ basic_string<_CharT, _Traits, _Allocator>::replace(size_type __pos, size_type __ } traits_type::move(__p + __pos, __s, __n2); __finish: +// __sz += __n2 - __n1; in this and the below function below can cause unsigned integer overflow, +// but this is a safe operation, so we disable the check. __sz += __n2 - __n1; __set_size(__sz); __invalidate_iterators_past(__sz); @@ -2612,6 +2615,7 @@ __finish: template <class _CharT, class _Traits, class _Allocator> basic_string<_CharT, _Traits, _Allocator>& basic_string<_CharT, _Traits, _Allocator>::replace(size_type __pos, size_type __n1, size_type __n2, value_type __c) + _LIBCPP_DISABLE_UBSAN_UNSIGNED_INTEGER_CHECK { size_type __sz = size(); if (__pos > __sz) |