feedc0de/boost_container
1
0
Fork 0
forked from boostorg/container
Code Pull Requests Activity

Fixes GitHub #75 ("flat_set: Heap overflow")

Browse Source
This commit is contained in:
Ion Gaztañaga
2018-06-26 21:50:05 +02:00
parent 920e009d71
commit e9d10ce544
2 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
doc/container.qbk
View File

@ -1253,6 +1253,7 @@ use [*Boost.Container]? There are several reasons for that:
* [@https://svn.boost.org/trac/boost/ticket/13533 Trac #13533: ['"Boost vector resize causes assert(false)"]].
* [@https://github.com/boostorg/container/issues/73 GitHub #73: ['"triviality of pair"]].
* [@https://github.com/boostorg/container/issues/74 GitHub #74: ['"vector assignment not using memcpy"]].
* [@https://github.com/boostorg/container/issues/75 GitHub #75: ['"flat_set: Heap overflow"]].
* Fixed race condition bug in [classref boost::container::pmr::unsynchronized_pool_resource unsynchronized_pool_resource]
found by Arthur O'Dowyer in his blog post
[@https://quuxplusone.github.io/blog/2018/06/05/libcpp-memory-resource/ <memory_resource> for libc++]

12
include/boost/container/vector.hpp
View File

@ -2197,11 +2197,11 @@ class vector
template<class InputIt, class Compare>
BOOST_CONTAINER_FORCEINLINE void merge_unique(InputIt first, InputIt last, Compare comp)
{
size_type const s = this->size();
size_type const old_size = this->size();
this->priv_set_difference_back(first, last, comp);
T *const raw_beg = this->priv_raw_begin();
T *const raw_end = this->priv_raw_end();
T *raw_pos = raw_beg + s;
T *raw_pos = raw_beg + old_size;
boost::movelib::adaptive_merge(raw_beg, raw_pos, raw_end, comp, raw_end, this->capacity() - this->size());
}
@ -2278,14 +2278,14 @@ class vector
if (comp(*first1, *first2)) {
this->emplace_back(*first1);
//Reallocation happened, update range
T * const raw_begin = this->priv_raw_begin();
if(old_first2 != raw_begin){
if(old_first2 != raw_begin)
{
//Reallocation happened, update range
first2 = raw_begin + (first2 - old_first2);
last2 = first2 + (last2 - old_first2);
last2 = raw_begin + (last2 - old_first2);
old_first2 = raw_begin;
}
++first1;
}
else {