A hardcoded std::string declaration causes a buffer overflow

I have the following line in my program that raises a warning at runtime:

if (!is_directory("C:\\NGFMS_Debug\\Files") && !create_directories("C:\\NGFMS_Debug\\Files")) 

The warning text looks like this: "A buffer overflow occurred in XXX.exe, which damaged the internal state of the program."

A warning appears in the call to "is_directory(...)". I assume that the space for the line does not get allocated, but I thought that syntax like this was legal.

The is_directory function is part of boost/filesystem.hpp, and I use the following namespaces:

 using namespace boost;
 using namespace boost::filesystem;
 using namespace std;

This is compiled under VS2005 C++. Any ideas?

Update

I tried a couple of different things and went through the code, and here is what I found.

If I do this:

 char* path_chars_c;
 path_chars_c = "C:\\Debug\\Files";
 string path_str_c(path_chars_c);

The path_chars_c variable contains the corresponding string, but the path_str_c variable contains garbage after initialization. Thus, it seems that here the line initialization is initialized. Has anyone ever seen this?

+7
1 answer

This is an amazing mistake - it seems like a pretty standard use of boost::filesystem::is_directory(). Did you try stepping into it with a debugger to find out where the problem is?

One (remote) possibility comes to mind: if you link libraries in which NDEBUG is enabled with libraries in which NDEBUG is disabled, you may run into problems. In particular, several data types will allocate additional fields for debugging when debugging is enabled. Therefore, if an object is created in one piece of code that considers debugging to be disabled, but is then used by another piece of code that believes debugging is enabled, you may receive random memory errors (for example, buffer overflows).

+6
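
The mismatch described in the answer above, as an added example that is not part of the original question or answer: one type gets two layouts depending on a build setting, an object written with one layout is read with the other, and a layout fingerprint check catches the disagreement. The `debug_build` / `release_build` structs, `LayoutInfo`, and all function names are constructed for illustration and are not the real `std::string` or Boost layouts.

```cpp
#include <cstddef>
#include <cstring>

// Constructed stand-ins for one string type as seen by two builds. These are
// hypothetical layouts for illustration, not the real std::string or Boost ones.
namespace debug_build {                // compiled with debugging enabled
struct Str {
    void*       debug_owner;           // extra bookkeeping field
    const char* data;
    std::size_t length;
};
}
namespace release_build {              // compiled with debugging disabled
struct Str {
    const char* data;
    std::size_t length;
};
}

// Layout fingerprint each component can export for a startup consistency check.
struct LayoutInfo { std::size_t size, data_offset, length_offset; };

LayoutInfo debug_layout() {
    return { sizeof(debug_build::Str), offsetof(debug_build::Str, data),
             offsetof(debug_build::Str, length) };
}
LayoutInfo release_layout() {
    return { sizeof(release_build::Str), offsetof(release_build::Str, data),
             offsetof(release_build::Str, length) };
}
bool layouts_match(const LayoutInfo& a, const LayoutInfo& b) {
    return a.size == b.size && a.data_offset == b.data_offset &&
           a.length_offset == b.length_offset;
}

// Simulates handing an object across the boundary: it is built with the debug
// layout, then the same bytes are read back through the release layout.
std::size_t length_seen_by_release_code(const char* text) {
    debug_build::Str made = { nullptr, text, std::strlen(text) };
    release_build::Str seen;
    std::memcpy(&seen, &made, sizeof seen);   // only the leading bytes fit
    return seen.length;                       // actually the bytes of made.data
}
```

Comparing the two fingerprints at startup turns a silent memory error into an explicit failure before any object crosses the boundary.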