[Cmake] Buffer overflows

Bill Hoffman bill . hoffman at kitware . com
Fri, 22 Jun 2001 09:14:56 -0400


--=====================_350213159==_.ALT
Content-Type: text/plain; charset="us-ascii"



basic_istream::getline
basic_istream& getline(E *s, streamsize n);
basic_istream& getline(E *s, streamsize n, E delim);
The first of these unformatted input functions returns getline(s, n, widen('\n')).
The second function extracts up to n - 1 elements and stores them in the array beginning at s. It always stores E(0) after any extracted elements it stores. In order of testing, extraction stops:  
At end of file. 
After the function extracts an element that compares equal to delim, in which case the element is neither put back nor appended to the controlled sequence. 
After the function extracts is.max_size() elements. 
If the function extracts no elements, it calls setstate(failbit). In any case, it returns *this.

There is no buffer overflow here:  "extracts up to n - 1 elements"
However, the loop is slightly wrong, in some cases it could duplicate
the last line of the file.  We will fix that problem.
The getline code should be much more efficient than reading a character at 
a time.


At 03:58 AM 6/22/2001 -0400, you wrote:
>Could we please, please avoid using fixed-sized buffers, no matter
>how big the buffer is? I just spent the last 3 hrs tracking down
> char  buff[4096]
>in cmSystemTools::cmCopyFile.
>
>Is there any reason why this function couldn't be implemented using
>iterators? For example:
>
>void cmSystemTools::cmCopyFile(const char* source,
>                             const char* destination)
>{
>  std::ifstream fin(source);
>  std::ofstream fout(destination);
>  std::copy( std::istream_iterator<char>(fin), std::istream_iterator<char>(), std::ostream_iterator<char>(fout) );
>}
>
>Amitha.
>
>_______________________________________________
>Cmake mailing list
>Cmake at public . kitware . com
>http://public . kitware . com/mailman/listinfo/cmake 

--=====================_350213159==_.ALT
Content-Type: text/html; charset="us-ascii"

<html>
<font size=4><b><br>
<br>
basic_istream::getline<br>
</b></font>basic_istream&amp; <b>getline</b>(E *s, streamsize n);<br>
basic_istream&amp; <b>getline</b>(E *s, streamsize n, E delim);<br>
The first of these <font color="#0000FF"><u>unformatted input
functions</u></font> returns getline(s, n, widen('\n')).<br>
The second function extracts up to n - 1 elements and stores them in the
array beginning at s. It always stores E(0) after any extracted elements
it stores. In order of testing, extraction stops:
<dl>
<dd>At end of file. 
<dd>After the function extracts an element that compares equal to delim,
in which case the element is neither put back nor appended to the
controlled sequence. 
<dd>After the function extracts
is.<font color="#0000FF"><u>max_size</u></font>() elements. 
</dl>If the function extracts no elements, it calls
<font color="#0000FF"><u>setstate</u></font>(failbit). In any case, it
returns *this.<br>
<br>
There is no buffer overflow here:&nbsp; &quot;extracts up to n - 1
elements&quot;<br>
However, the loop is slightly wrong, in some cases it could
duplicate<br>
the last line of the file.&nbsp; We will fix that problem.<br>
The getline code should be much more efficient than reading a character
at <br>
a time.<br>
<br>
<br>
At 03:58 AM 6/22/2001 -0400, you wrote:<br>
<blockquote type=cite class=cite cite>Could we please, please avoid using
fixed-sized buffers, no matter<br>
how big the buffer is? I just spent the last 3 hrs tracking down<br>
&nbsp;char&nbsp; buff[4096]<br>
in cmSystemTools::cmCopyFile.<br>
<br>
Is there any reason why this function couldn't be implemented using<br>
iterators? For example:<br>
<br>
void cmSystemTools::cmCopyFile(const char* source,<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
const char* destination)<br>
{<br>
&nbsp; std::ifstream fin(source);<br>
&nbsp; std::ofstream fout(destination);<br>
&nbsp; std::copy( std::istream_iterator&lt;char&gt;(fin),
std::istream_iterator&lt;char&gt;(),
std::ostream_iterator&lt;char&gt;(fout) );<br>
}<br>
<br>
Amitha.<br>
<br>
_______________________________________________<br>
Cmake mailing list<br>
Cmake at public . kitware . com<br>
<a href="http://public . kitware . com/mailman/listinfo/cmake" eudora="autourl">http://public . kitware . com/mailman/listinfo/cmake</a>
</blockquote></html>

--=====================_350213159==_.ALT--