This patch evaluates _FORTIFY_SOURCE in a way similar to GNU libc. If set, std::vector::operator[] throws if the index is out of bounds. This is compliant with the standard because such usage triggers undefined behavior. _FORTIFY_SOURCE users expect some performance hit.
Okay for trunk? 2012-05-29 Florian Weimer <fwei...@redhat.com> * include/bits/stl_vector.h (vector::_M_fortify_range_check): New. * (vector::operator[]): Call it. * testsuite/23_containers/vector/element_access/2.cc: New. -- Florian Weimer / Red Hat Product Security Team
Index: libstdc++-v3/include/bits/stl_vector.h =================================================================== --- libstdc++-v3/include/bits/stl_vector.h (revision 187951) +++ libstdc++-v3/include/bits/stl_vector.h (working copy) @@ -768,7 +768,10 @@ */ reference operator[](size_type __n) - { return *(this->_M_impl._M_start + __n); } + { + _M_fortify_range_check(__n); + return *(this->_M_impl._M_start + __n); + } /** * @brief Subscript access to the data contained in the %vector. @@ -783,7 +786,10 @@ */ const_reference operator[](size_type __n) const - { return *(this->_M_impl._M_start + __n); } + { + _M_fortify_range_check(__n); + return *(this->_M_impl._M_start + __n); + } protected: /// Safety check used only from at(). @@ -794,6 +800,16 @@ __throw_out_of_range(__N("vector::_M_range_check")); } + /// Range check used by operator[]. + /// No-op unless _FORTIFY_SOURCE is enabled. + void + _M_fortify_range_check(size_type __n) const + { +#if defined _FORTIFY_SOURCE && _FORTIFY_SOURCE > 0 + _M_range_check(__n); +#endif + } + public: /** * @brief Provides access to the data contained in the %vector. Index: libstdc++-v3/testsuite/23_containers/vector/element_access/2.cc =================================================================== --- libstdc++-v3/testsuite/23_containers/vector/element_access/2.cc (revision 0) +++ libstdc++-v3/testsuite/23_containers/vector/element_access/2.cc (revision 0) @@ -0,0 +1,71 @@ +// Copyright (C) 2012 Free Software Foundation, Inc. +// +// This file is part of the GNU ISO C++ Library. This library is free +// software; you can redistribute it and/or modify it under the +// terms of the GNU General Public License as published by the +// Free Software Foundation; either version 3, or (at your option) +// any later version. + +// This library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. + +// You should have received a copy of the GNU General Public License along +// with this library; see the file COPYING3. If not see +// <http://www.gnu.org/licenses/>. + +// 23.2.4 vector + +// { dg-add-options no_pch } + +#undef _FORTIFY_SOURCE +#define _FORTIFY_SOURCE 2 + +#include <vector> +#include <stdexcept> +#include <testsuite_hooks.h> + +void test01() +{ + std::vector<int> v(5); + try + { + v[5]; + VERIFY( false ); + } + catch(std::out_of_range& err) + { + VERIFY( true ); + } + catch(...) + { + VERIFY( false ); + } +} + +void test02() +{ + std::vector<int> v(5); + const std::vector<int> u(v); + try + { + u[5]; + VERIFY( false ); + } + catch(std::out_of_range& err) + { + VERIFY( true ); + } + catch(...) + { + VERIFY( false ); + } +} + +int main() +{ + test01(); + test02(); + return 0; +}