Compiler: g++
STL Platform: STLPort(with debug mode turned on)
I got these error messages when running "cryptest v":
c:/mingw/include/stlport/stl/debug/_string.h(226): STL error : Index
out of bounds
c:/mingw/include/stlport/stl/debug/_string.h(226): STL assertion
failure: __n < this->size()
The source of this problem is a bug in the implementation of
"PutDecodedDatumInto":
void PutDecodedDatumInto(const TestData &data, const char *name,
BufferedTransformation &target)
{
std::string s1 = GetRequiredDatum(data, name), s2;
while (!s1.empty())
{
while (s1[0] == ' ') //<-- Bug is here
s1 = s1.substr(1);
...
}
}
It's obvious that if s1 is empty, "s1[0]" will be an invalid read
because 0 == s1.size() (According to C++ standard, index is valid only
if its value is less than the length of string).
The workaround is to change:
while (s1[0] == ' ')
s1 = s1.substr(1);
to:
while (s1[0] == ' ') {
s1 = s1.substr(1);
if (s1.empty())
return; //avoid invalid read if s1 is empty
}
Note:
1. This bug makes many tests failed because datum of some fields ends
with a space character ("MAC" field in authenticated-symmetric cipher
test for e.g).
2. To reproduce this bug with other compiler/STL platform (MSVC/
Dinkumware for e.g), just replace "s1[0]" with "s1.at(0)" (because
std::string::operator[ ] doesnt check whether index is valid) and you
will get the "std::out_of_range" exception (MSVC/Dinkumware will
produce "invalid string position" error messages).
Regards,
An
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---
