<string>: ASan annotations do not prevent writing to allocated but uninitialized basic_string memory #5251

Closed
davidmrdavid opened this issue Jan 24, 2025 · 0 comments · Fixed by #5252
Labels: ASan (Address Sanitizer), bug (Something isn't working), fixed (Something works now, yay!)

@davidmrdavid

Describe the bug

ASan does not fire when writing to uninitialized memory in a basic_string, unlike with vector.

Command-line test case

C:\Temp>type repro.cpp
#include <vector>
#include <string>

int main()
{
    // This crashes (expectedly)
    //std::vector<int> vec;
    //vec.reserve(100);
    //vec.data()[50] = 1;

    // This does not crash (it should crash, like `vector`)
    std::basic_string<char> myString;
    myString.reserve(100);
    char* data = &myString[0];
    data[50] = 'A';

}

C:\Temp>cl /EHsc /Zi /fsanitize=address .\repro.cpp

Microsoft (R) C/C++ Optimizing Compiler Version 19.43.34618 for x64
Copyright (C) Microsoft Corporation.  All rights reserved.

repro.cpp
Microsoft (R) Incremental Linker Version 14.43.34618.0
Copyright (C) Microsoft Corporation.  All rights reserved.

/out:repro.exe
/debug
/InferAsanLibs
repro.obj

C:\Temp>.\repro.exe
<no ASan failure thrown>

Expected behavior

ASan should throw a container-overflow-type error due to a WRITE on an uninitialized section of container memory.

STL version

Microsoft Visual Studio Enterprise 2022
Version 17.13.0 Preview 2.1

Additional context

This bug was discovered while developing the basic_string test case for #5241, and has already been discussed internally.
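
A probe for the behaviour reported above, as an added example that is not part of the original issue or of the STL's own code: it asks the ASan runtime whether element 50 of a `reserve(100)` buffer is poisoned, for `std::vector<int>` and for `std::string`, without writing to it. `__asan_address_is_poisoned` is the sanitizer runtime's public query function; the names `PROBE_HAS_ASAN`, `Shadow`, `shadow_state`, `probe_unused`, `probe_live` and `to_text` are assumptions of this example.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>
#include <vector>
// Detect an ASan build: GCC and MSVC define __SANITIZE_ADDRESS__, Clang uses __has_feature.
#if defined(__SANITIZE_ADDRESS__)
#define PROBE_HAS_ASAN 1
#elif defined(__has_feature)
#if __has_feature(address_sanitizer)
#define PROBE_HAS_ASAN 1
#endif
#endif
#ifdef PROBE_HAS_ASAN
// Public ASan runtime query; it reads shadow memory only and never touches *addr.
extern "C" int __asan_address_is_poisoned(void const volatile* addr);
#endif
enum class Shadow { NotInstrumented, Addressable, Poisoned };

Shadow shadow_state(const void* p) {
    (void)p;  // unused when the build is not instrumented
#ifdef PROBE_HAS_ASAN
    if (__asan_address_is_poisoned(p)) return Shadow::Poisoned;
    return Shadow::Addressable;
#else
    return Shadow::NotInstrumented;
#endif
}

// Element `index` of a container that reserved `n` elements but holds none.
template <class Container>
Shadow probe_unused(std::size_t n, std::size_t index) {
    Container c;
    c.reserve(n);
    return shadow_state(c.data() + index);
}
// Control: a byte inside [0, size()) must never be reported as poisoned.
Shadow probe_live() {
    std::string s(64, 'x');  // constructed sample, longer than any small-string buffer
    return shadow_state(s.data() + 10);
}
const char* to_text(Shadow s) {
    return s == Shadow::Poisoned ? "poisoned" : s == Shadow::Addressable ? "addressable" : "no ASan";
}

int main() {
    std::printf("vector<int> [50]: %s\n", to_text(probe_unused<std::vector<int>>(100, 50)));
    std::printf("string      [50]: %s\n", to_text(probe_unused<std::string>(100, 50)));
    std::printf("string live [10]: %s\n", to_text(probe_live()));
}
```

Built with the same `/fsanitize=address` switch as the repro, an "addressable" result for the reserved tail means a stray write there will not be reported; a regression test can assert on the probe's result instead of relying on a crash.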
