Modify

Ticket #6817 (closed Bugs: invalid)

Opened 2 years ago

Last modified 2 years ago

Appending to an empty path segfaults...

Reported by: sean@… Owned by: bemandawes
Milestone: To Be Determined Component: filesystem
Version: Boost 1.49.0 Severity: Regression
Keywords: filesystem append Cc:

Description

path::m_append_separator_if_needed() is not checking the bounds of its inputs and segfaults. Using clang 3.1 with c++0x, this crashes every time, whereas with previous versions this was somehow insulated from this segfault. Guarding against this with calls to empty() is possible, but seems excessively burdensome to check on every append operation.

Code highlighting:

/* Compile instructions:
clang++ -g -Wall -Wextra -pedantic -Wno-error -Wno-fatal-errors -pedantic-errors -fno-inline -std=c++0x -I/Users/sean/src/boost-prefix/include -Os -Wno-long-long -Wno-unused-parameter -Wsign-compare -stdlib=libc++ -L${HOME}/src/boost-prefix/lib -lboost_filesystem-mt -lboost_system-mt -o test_path test_path.cpp
./test_path
*/
     
#include "boost/filesystem.hpp"
     
const std::string default_path = "foo";
     
int
main(int argc, char* argv[]) {
  boost::filesystem::path init_path;
  init_path /= default_path;
  std::cout << "Path: " << init_path << std::endl;
  return 0;
}

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0xffffffffffffffe8
0x000000010000db50 in boost::filesystem3::path::m_append_separator_if_needed ()
(gdb) bt
#0  0x000000010000db50 in boost::filesystem3::path::m_append_separator_if_needed ()
#1  0x00000001000015dd in boost::filesystem3::path::append<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > (this=0x7fff5fbff4e0, source=@0x100002288, cvt=<value temporarily unavailable, due to optimizations>) at path.hpp:679
#2  0x0000000100000f6e in main (argc=1606415584, argv=0x100002288) at test_path.cpp:249

Attachments

Change History

comment:1 Changed 2 years ago by Sean Chittenden <sean@…>

User error, please feel free to close. The above was compiled and linked using C++11 and stdlib=libc++, however boost was not.

comment:2 Changed 2 years ago by bemandawes

  • Status changed from new to closed
  • Resolution set to invalid

Interesting. I've dropped a note to a couple of Clang and libc++ developers since it would be nice if this sort of misconfiguration error got diagnosed by the ecosystem.

Thanks,

--Beman

View

Add a comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
The resolution will be deleted. Next status will be 'reopened'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.