diff options
author | Jonathan Wakely <jwakely@redhat.com> | 2021-10-13 17:02:59 +0100 |
---|---|---|
committer | Jonathan Wakely <jwakely@redhat.com> | 2021-10-13 20:36:51 +0100 |
commit | 85b24e32dc27ec2e70b853713e0713cbc1ff08c3 (patch) | |
tree | 4561fe1c36a564c7f213e4694eda75a6cd487a18 /libstdc++-v3/testsuite/27_io/filesystem | |
parent | 97c320016642a40a347d558abc952cc487ad4ff6 (diff) |
libstdc++: Fix dangling string_view in filesystem::path [PR102592]
When creating a path from a pair of non-contiguous iterators we pass the
iterators to _S_convert(Iter, Iter). That function passes the iterators
to __string_from_range to get a contiguous sequence of characters, and
then calls _S_convert(const C*, const C*) to perform the encoding
conversions. If the value type, C, is char8_t, then no conversion is
needed and the _S_convert<char8_t>(const char8_t*, const char8_t*)
specialization casts the pointer to const char* and returns a
std::string_view that refs to the char8_t sequence. However, that
sequence is owned by the std::u8string rvalue returned by
__string_from_range, which goes out of scope when _S_convert(Iter, Iter)
returns. That means the std::string_view is dangling and we get
undefined behaviour when parsing it as a path.
The same problem does not exist for the path members taking a "Source"
argument, because those functions all convert a non-contiguous range
into a basic_string<C> immediately, using __effective_range(__source).
That means that the rvalue string returned by that function is still in
scope for the full expression, so the string_view does not dangle.
The solution for the buggy functions is to do the same thing, and call
__string_from_range immediately, so that the returned rvalue is still in
scope for the lifetime of the string_view returned by _S_convert. To
avoid reintroducing the same problem, remove the _S_convert(Iter, Iter)
overload that calls __string_from_range and returns a dangling view.
libstdc++-v3/ChangeLog:
PR libstdc++/102592
* include/bits/fs_path.h (path::path(Iter, Iter, format))
(path::append(Iter, Iter), path::concat(Iter, Iter)): Call
__string_from_range directly, instead of two-argument overload
of _S_convert.
(path::_S_convert(Iter, Iter)): Remove.
* testsuite/27_io/filesystem/path/construct/102592.C: New test.
Diffstat (limited to 'libstdc++-v3/testsuite/27_io/filesystem')
-rw-r--r-- | libstdc++-v3/testsuite/27_io/filesystem/path/construct/102592.C | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/libstdc++-v3/testsuite/27_io/filesystem/path/construct/102592.C b/libstdc++-v3/testsuite/27_io/filesystem/path/construct/102592.C new file mode 100644 index 00000000000..3bbd07e2494 --- /dev/null +++ b/libstdc++-v3/testsuite/27_io/filesystem/path/construct/102592.C @@ -0,0 +1,28 @@ +// { dg-options "-fchar8_t" } +// { dg-do run { target c++17 } } + +#include <filesystem> +#include <testsuite_hooks.h> +#include <testsuite_iterators.h> + +using __gnu_test::input_iterator_wrapper; +using __gnu_test::input_container; + +void test01() +{ + const char8_t src[] = u8"/long/path/to/a/file/to/avoid/small/string"; + input_container<const char8_t> c1(src); // includes null terminator + std::filesystem::path p1(c1.begin()); // read up to null terminator + VERIFY( p1.u8string() == src ); + + std::u8string_view sv = src; + input_container<const char8_t> c2(sv.data(), sv.data() + sv.size()); + std::filesystem::path p2(c2.begin(), c2.end()); // PR libstdc++/102592 + VERIFY( p2.u8string() == src ); + VERIFY( p1 == p2 ); +} + +int main() +{ + test01(); +} |