Bug 177293
Summary: | ostringstream::str().c_str() returns pointer to unallocated memory | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | starlight | ||||
Component: | gcc | Assignee: | Jakub Jelinek <jakub> | ||||
Status: | CLOSED NOTABUG | QA Contact: | |||||
Severity: | high | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 4.0 | CC: | bkoz, jason | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://gcc.gnu.org/bugzilla/show_bug.cgi?id=25719 | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2006-01-09 16:39:09 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
External Bugzilla http://gcc.gnu.org/bugzilla/show_bug.cgi?id=25719 The 'c_str()' method of the STL 'basic_string' class template returns a pointer to free memory when called against a string returned by the 'str()' method of the 'basic_ostringstream' class template. ISO/IEC 14882 [21.3.6] indicates pointers returned by 'c_str()' should be good until the next non-const member of the string object is called. This behavior is confirmed by both 'purify' and 'mudflap'. The same test case runs clean with 'purify' on Solaris 8 with the Sun Studio 5.4 compiler. Exists with both 3.4 and 4.0 compilers. Suspect bug appears in most 'libstdc++' versions. Made a mistake, so this bug report is invalid. Didn't notice that 'basic_stream' 'str()' returns a value rather than a reference, and so is a temporary object with a lifetime that ends at the semicolon at the end of the statement. |
Created attachment 122936 [details] test case