From patchwork Thu Apr 4 15:29:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jonathan Wakely X-Patchwork-Id: 1919850 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=KvDy3pCx; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gcc.gnu.org (client-ip=8.43.85.97; helo=server2.sourceware.org; envelope-from=gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4V9Qbq4MJZz1yYf for ; Fri, 5 Apr 2024 02:32:39 +1100 (AEDT) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id AB5223858C32 for ; Thu, 4 Apr 2024 15:32:37 +0000 (GMT) X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 7B3643858C50 for ; Thu, 4 Apr 2024 15:32:07 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 7B3643858C50 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 7B3643858C50 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1712244736; cv=none; b=Yc14awEbR1vdGpmd/x8KXEAs12z5XJgv9A98+54+j91ONzTBnnSxgatTb2FaDthpxeUTYMc9SXDMqqKMf969vuWKyjmpsttKXDMHVJZIjFH0dYi84+1E4M6QxKWjSW7FTriYbSAqbdT212cvdfu3ay8aF5t51VlNy5WJDUCekCk= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1712244736; c=relaxed/simple; bh=36E/k3dHfaufWRQF8lRGGkUHUjTesMAw2IkE0ercyeo=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=s6KnCTZBh2UDBGtTSLxbXvWLOjM8kv5U2fvesLoWUlMbiRcLrmAS1sl8zI294WDg/kI/pBRdVvghcHL3FFVe2Dhv1rGPTgWLRJK8rH+SaTIP5qx7oz0rzQ9yx9qaPSu1FQnjLPotvB9TJgRAmEl/pHI7Npvl6+2e4SI8CtCqI0E= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1712244727; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GekgHAjTxDufbxgRueIh6lx9n3OqSkCKO4aGppVRybA=; b=KvDy3pCx1WL93XDnPnwFEZO/mbDRZ0aHR0yEgBH6oqyAhK4ACdCW0QxTWswE/G29dgJj+p O/VSwZLbkJ0A1SlW9BhIJQB2U7XaVgpkK5Eq5umSRIpBKcDI2rDnZFolJ+JZolW8WIw4xN 66belKewdO6ft79dxAZ8pHA/RWP9Glg= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-74-sGg6itbhN92sUPiOG63Qvg-1; Thu, 04 Apr 2024 11:32:03 -0400 X-MC-Unique: sGg6itbhN92sUPiOG63Qvg-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 0B9B4185A782; Thu, 4 Apr 2024 15:32:03 +0000 (UTC) Received: from localhost (unknown [10.42.28.152]) by smtp.corp.redhat.com (Postfix) with ESMTP id CF3D0112131D; Thu, 4 Apr 2024 15:32:02 +0000 (UTC) From: Jonathan Wakely To: libstdc++@gcc.gnu.org, gcc-patches@gcc.gnu.org Subject: [PATCH] libstdc++: Fix infinite loop in std::istream::ignore(n, delim) [PR93672] Date: Thu, 4 Apr 2024 16:29:09 +0100 Message-ID: <20240404153158.313297-1-jwakely@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.3 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-11.8 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org I would appreciate more eyes on this to confirm my conclusions about negative int_type values, and the proposed fix, make sense. Tested x86_64-linux. -- >8 -- A negative value for the delim value passed to std::istream::ignore can never match any character in the stream, because the comparison is done using traits_type::eq_int_type(sb->sgetc(), delim) and sgetc() never returns negative values (except at EOF). The optimized version of ignore for the std::istream specialization uses traits_type::find to locate the delim character in the streambuf, which _can_ match a negative delim on platforms where char is signed, but then we do another comparison using eq_int_type which fails. The code then keeps looping forever, with traits_type::find saying the character is present and eq_int_type saying it's not. A possible fix would be to check with eq_int_type after a successful find, to see whether we really have a match. However, that would be suboptimal since we know that a negative delimiter will never match using eq_int_type. So a better fix is to adjust the check at the top of the function that handles delim==eof(), so that we treat all negative delim values as equivalent to EOF. That way we don't bother using find to search for something that will never match with eq_int_type. The version of ignore in the primary template doesn't need a change, because it doesn't use traits_type::find, instead characters are extracted one-by-one and always matched using eq_int_type. That avoids the inconsistency between find and eq_int_type. libstdc++-v3/ChangeLog: PR libstdc++/93672 * src/c++98/istream.cc (istream::ignore(streamsize, int_type)): Treat all negative delimiter values as eof(). * testsuite/27_io/basic_istream/ignore/char/93672.cc: New test. --- libstdc++-v3/src/c++98/istream.cc | 5 ++++- .../27_io/basic_istream/ignore/char/93672.cc | 15 +++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 libstdc++-v3/testsuite/27_io/basic_istream/ignore/char/93672.cc diff --git a/libstdc++-v3/src/c++98/istream.cc b/libstdc++-v3/src/c++98/istream.cc index 07ac739c26a..aa1069dea07 100644 --- a/libstdc++-v3/src/c++98/istream.cc +++ b/libstdc++-v3/src/c++98/istream.cc @@ -112,7 +112,10 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION basic_istream:: ignore(streamsize __n, int_type __delim) { - if (traits_type::eq_int_type(__delim, traits_type::eof())) + // sgetc() returns either (int_type)(unsigned char)c or -1 for EOF. + // If __delim is negative, then eq_int_type(sgetc(), __delim) can only + // be true for EOF, so just treat all negative values as eof(). + if (__delim < 0) return ignore(__n); _M_gcount = 0; diff --git a/libstdc++-v3/testsuite/27_io/basic_istream/ignore/char/93672.cc b/libstdc++-v3/testsuite/27_io/basic_istream/ignore/char/93672.cc new file mode 100644 index 00000000000..6d11f5622c8 --- /dev/null +++ b/libstdc++-v3/testsuite/27_io/basic_istream/ignore/char/93672.cc @@ -0,0 +1,15 @@ +// { dg-do run } + +#include +#include + +int main() +{ + std::istringstream in("x\xfdxxx\xfex"); + in.ignore(10, std::char_traits::to_int_type('\xfd')); + VERIFY( in.gcount() == 2 ); + VERIFY( ! in.eof() ); + in.ignore(10, '\xfe'); + VERIFY( in.gcount() == 5 ); + VERIFY( in.eof() ); +}