You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Scott Cantor (JIRA)" <ji...@apache.org> on 2017/09/11 02:00:09 UTC
[jira] [Resolved] (SANTUARIO-474) Better overflow checking
[ https://issues.apache.org/jira/browse/SANTUARIO-474?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Scott Cantor resolved SANTUARIO-474.
------------------------------------
Resolution: Fixed
xsecsize_t has been replaced, and the overflow check doesn't count on an underflow anymore, but does require XERCES_SIZE_MAX which is only present in 3.2.
> Better overflow checking
> ------------------------
>
> Key: SANTUARIO-474
> URL: https://issues.apache.org/jira/browse/SANTUARIO-474
> Project: Santuario
> Issue Type: Bug
> Components: C++
> Affects Versions: C++ 1.7.3
> Reporter: Ferenc Wágner
> Assignee: Scott Cantor
> Fix For: C++ 2.0.0
>
>
> While looking at those few remaining compiler warnings, I encountered code in {{safeBuffer::checkAndExpand}} like this:
> {code}
> if (size + 1 < bufferSize)
> return;
> // Make the new size twice the size of the new string requirement
> xsecsize_t newBufferSize = size * 2;
> {code}
> (We're dealing with unsigned quantities here.)
> Shouldn't there be overflow checks everywhere?
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)