https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112100
Bug ID: 112100 Summary: ubsan: misses UB when modifying std::string's trailing \0 Product: gcc Version: 13.2.1 Status: UNCONFIRMED Severity: normal Priority: P3 Component: sanitizer Assignee: unassigned at gcc dot gnu.org Reporter: jengelh at inai dot de CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org Target Milestone: --- Input: #include <string> int main() { std::string s="fooooooooooooooooooooooooooo"; s[s.size()] = 0xff; } Observed: $ g++ x.cpp -v -Wall -ggdb3 -fsanitize=undefined,address && ./a.out gcc version 13.2.1 20230912 [revision b96e66fd4ef3e36983969fb8cdd1956f551a074b] (SUSE Linux) (no runtime output by executable) Expected: ==55843==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xsomething https://eel.is/c++draft/string.access specifies the modification of the NUL char's position to values other than \0 is UB, so it should warn about this.