Opened 8 years ago

Last modified 5 years ago

#4438 new Bugs

Possible infinite loop in boost:: filesystem::copy_file for unix

Reported by: Roberto Carlos Toledano Gómez <rctg82@…> Owned by: Beman Dawes
Milestone: Boost 1.44.0 Component: filesystem
Version: Boost Development Trunk Severity: Problem
Keywords: Cc:


In the write cycle:



if ((sz = ::write(outfile, buf.get() + sz_write,

sz_read - sz_write))< 0)


sz_read = sz; cause read loop termination break; and error to be thrown after closes

} sz_write += sz;

} while (sz_write < sz_read);

Always try to write a number of bytes strictly greater than zero and the api ::write returns according to the official documentation :" On success, the number of bytes written is returned (Zero Indicates Nothing Was Written). On error, -1 is returned, and errno is set appropriately". Now imagine that the ::write api for any error or side effect, always returns zero, then we are in an infinite loop.

To fix it I think the appropriate condition should be:

if ((sz =
write (outfile, buf.get () + sz_write, sz_read - sz_write)) <= 0)

that is, change the Boolean operation for less than or equal to (<=)

If I'm wrong please let me know what to learn. In my opinion you are the best.

Change History (1)

comment:1 Changed 5 years ago by isundill@…

I think your error is in your while condition. After an error, your sz_read equal -1, and your sz_write value equal the total number of bits written (minus one). So the condition (X -1 < -1) may be always true.

