I forgot to send this to the libstdc++ list the first time.
This patch evaluates _FORTIFY_SOURCE in a way similar to GNU libc.
If set, std::vector::operator[] throws if the index is out of bounds.
This is compliant with the standard because such usage triggers
undefined behavior. _FORTIFY_SOURCE users expect some performance hit.
In contrast to debugging mode, this does not change ABI and is more
widely applicable.
Okay for trunk?
2012-05-29 Florian Weimer <fwei...@redhat.com>
* include/bits/stl_vector.h (vector::_M_fortify_range_check):
New.
* (vector::operator[]): Call it.
* testsuite/23_containers/vector/element_access/2.cc: New.
--
Florian Weimer / Red Hat Product Security Team
Index: libstdc++-v3/include/bits/stl_vector.h
===================================================================
--- libstdc++-v3/include/bits/stl_vector.h (revision 187951)
+++ libstdc++-v3/include/bits/stl_vector.h (working copy)
@@ -768,7 +768,10 @@
*/
reference
operator[](size_type __n)
- { return *(this->_M_impl._M_start + __n); }
+ {
+ _M_fortify_range_check(__n);
+ return *(this->_M_impl._M_start + __n);
+ }
/**
* @brief Subscript access to the data contained in the %vector.
@@ -783,7 +786,10 @@
*/
const_reference
operator[](size_type __n) const
- { return *(this->_M_impl._M_start + __n); }
+ {
+ _M_fortify_range_check(__n);
+ return *(this->_M_impl._M_start + __n);
+ }
protected:
/// Safety check used only from at().
@@ -794,6 +800,16 @@
__throw_out_of_range(__N("vector::_M_range_check"));
}
+ /// Range check used by operator[].
+ /// No-op unless _FORTIFY_SOURCE is enabled.
+ void
+ _M_fortify_range_check(size_type __n) const
+ {
+#if defined _FORTIFY_SOURCE && _FORTIFY_SOURCE > 0
+ _M_range_check(__n);
+#endif
+ }
+
public:
/**
* @brief Provides access to the data contained in the %vector.
Index: libstdc++-v3/testsuite/23_containers/vector/element_access/2.cc
===================================================================
--- libstdc++-v3/testsuite/23_containers/vector/element_access/2.cc (revision 0)
+++ libstdc++-v3/testsuite/23_containers/vector/element_access/2.cc (revision 0)
@@ -0,0 +1,71 @@
+// Copyright (C) 2012 Free Software Foundation, Inc.
+//
+// This file is part of the GNU ISO C++ Library. This library is free
+// software; you can redistribute it and/or modify it under the
+// terms of the GNU General Public License as published by the
+// Free Software Foundation; either version 3, or (at your option)
+// any later version.
+
+// This library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License along
+// with this library; see the file COPYING3. If not see
+// <http://www.gnu.org/licenses/>.
+
+// 23.2.4 vector
+
+// { dg-add-options no_pch }
+
+#undef _FORTIFY_SOURCE
+#define _FORTIFY_SOURCE 2
+
+#include <vector>
+#include <stdexcept>
+#include <testsuite_hooks.h>
+
+void test01()
+{
+ std::vector<int> v(5);
+ try
+ {
+ v[5];
+ VERIFY( false );
+ }
+ catch(std::out_of_range& err)
+ {
+ VERIFY( true );
+ }
+ catch(...)
+ {
+ VERIFY( false );
+ }
+}
+
+void test02()
+{
+ std::vector<int> v(5);
+ const std::vector<int> u(v);
+ try
+ {
+ u[5];
+ VERIFY( false );
+ }
+ catch(std::out_of_range& err)
+ {
+ VERIFY( true );
+ }
+ catch(...)
+ {
+ VERIFY( false );
+ }
+}
+
+int main()
+{
+ test01();
+ test02();
+ return 0;
+}
