* - `n - 1` characters are stored
* - EOF is reached
* - the next character is whitespace according to the current locale
- * - the next character is a null byte (i.e., `charT()`)
*
* `width(0)` is then called for the input stream.
*
#if __cplusplus <= 201703L
template<typename _CharT, typename _Traits>
+ __attribute__((__nonnull__(2), __access__(__write_only__, 2)))
inline basic_istream<_CharT, _Traits>&
operator>>(basic_istream<_CharT, _Traits>& __in, _CharT* __s)
{
- streamsize __n = __builtin_object_size(__s, 2) / sizeof(_CharT);
- if (__n == 0)
- __n = __gnu_cxx::__numeric_traits<streamsize>::__max / sizeof(_CharT);
- std::__istream_extract(__in, __s, __n);
+ size_t __n = __builtin_object_size(__s, 0);
+ if (__builtin_expect(__n < sizeof(_CharT), false))
+ {
+ // There is not even space for the required null terminator.
+ __glibcxx_assert(__n >= sizeof(_CharT));
+ __in.width(0);
+ __in.setstate(ios_base::failbit);
+ }
+ else
+ {
+ if (__n == (size_t)-1)
+ __n = __gnu_cxx::__numeric_traits<streamsize>::__max;
+ std::__istream_extract(__in, __s, __n / sizeof(_CharT));
+ }
return __in;
}
template<class _Traits>
+ __attribute__((__nonnull__(2), __access__(__write_only__, 2)))
inline basic_istream<char, _Traits>&
operator>>(basic_istream<char, _Traits>& __in, unsigned char* __s)
- { return (__in >> reinterpret_cast<char*>(__s)); }
+ { return __in >> reinterpret_cast<char*>(__s); }
template<class _Traits>
+ __attribute__((__nonnull__(2), __access__(__write_only__, 2)))
inline basic_istream<char, _Traits>&
operator>>(basic_istream<char, _Traits>& __in, signed char* __s)
- { return (__in >> reinterpret_cast<char*>(__s)); }
+ { return __in >> reinterpret_cast<char*>(__s); }
#else
// _GLIBCXX_RESOLVE_LIB_DEFECTS
// 2499. operator>>(istream&, char*) makes it hard to avoid buffer overflows
// with this library; see the file COPYING3. If not see
// <http://www.gnu.org/licenses/>.
-// { dg-options "-O2 -std=gnu++98" }
+// { dg-options "-O2" }
// { dg-do run }
// This test checks that operator>> will avoid a buffer overflow when
// reading into a buffer with a size that is known at compile time.
// Since C++20 this is guaranteed (see LWG 2499), for previous standards
-// we try to check the buffer size as an extension (which depends on -O2).
+// checking the buffer size is an extension and depends on optimisation.
#include <sstream>
#include <testsuite_hooks.h>
void
test01()
{
- std::istringstream in("foolish child");
+ std::istringstream in("foolishly");
char pc[5];
in >> pc;
VERIFY( in.good() );
VERIFY( std::string(pc) == "fool" );
+
+#if __cplusplus <= 201703L
+ char* p = pc + 1;
+ in >> p;
+ VERIFY( in.good() );
+ VERIFY( std::string(pc) == "fish" );
+
+ p = pc + 4;
+ *p = '#';
+ in >> p;
+ VERIFY( in.fail() ); // if no characters are extracted, failbit is set
+ VERIFY( *p == '\0' );
+#endif
}
void
main()
{
test01();
+ test02();
+ test03();
}
--- /dev/null
+// Copyright (C) 2020 Free Software Foundation, Inc.
+//
+// This file is part of the GNU ISO C++ Library. This library is free
+// software; you can redistribute it and/or modify it under the
+// terms of the GNU General Public License as published by the
+// Free Software Foundation; either version 3, or (at your option)
+// any later version.
+
+// This library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License along
+// with this library; see the file COPYING3. If not see
+// <http://www.gnu.org/licenses/>.
+
+// { dg-options "-O2" }
+// { dg-do run }
+
+// This test checks that operator>> will avoid a buffer overflow when
+// reading into a buffer with a size that is known at compile time.
+
+// Since C++20 this is guaranteed (see LWG 2499), for previous standards
+// checking the buffer size is an extension and depends on optimisation.
+
+#include <sstream>
+#include <testsuite_hooks.h>
+
+void
+test01()
+{
+ std::wistringstream in(L"foolishly");
+ wchar_t pc[5];
+ in >> pc;
+ VERIFY( in.good() );
+ VERIFY( std::wstring(pc) == L"fool" );
+
+#if __cplusplus <= 201703L
+ wchar_t* p = pc + 1;
+ in >> p;
+ VERIFY( in.good() );
+ VERIFY( std::wstring(pc) == L"fish" );
+
+ p = pc + 4;
+ *p = L'#';
+ in >> p;
+ VERIFY( in.fail() ); // if no characters are extracted, failbit is set
+ VERIFY( *p == L'\0' );
+#endif
+}
+
+int
+main()
+{
+ test01();
+}
projects / gcc.git / commitdiff