https://gcc.gnu.org/bugzilla/show_bug.cgi?id=122062
--- Comment #6 from GCC Commits <cvs-commit at gcc dot gnu.org> --- The releases/gcc-15 branch has been updated by Jonathan Wakely <[email protected]>: https://gcc.gnu.org/g:9aafd06ebe7c2363d1693f4b051f511ef2bcc2fd commit r15-10431-g9aafd06ebe7c2363d1693f4b051f511ef2bcc2fd Author: Jonathan Wakely <[email protected]> Date: Thu Sep 25 17:23:28 2025 +0100 libstdc++: Fix unsafe comma operators in <random> [PR122062] This fixes a 'for' loop in std::piecewise_linear_distribution that increments two iterators with a comma operator between them, making it vulnerable to evil overloads of the comma operator. It also changes a 'for' loop used by some other distributions, even though those are only used with std::vector<double>::iterator and so won't find any overloaded commas. libstdc++-v3/ChangeLog: PR libstdc++/122062 * include/bits/random.tcc (__detail::__normalize): Use void cast for operands of comma operator. (piecewise_linear_distribution): Likewise. * testsuite/26_numerics/random/piecewise_linear_distribution/cons/122062.cc: New test. Reviewed-by: Tomasz KamiÅski <[email protected]> Reviewed-by: Hewill Kang <[email protected]> (cherry picked from commit 11ce485bcffac0db005d77e100420535e54d0aa5)
