bug-commoncpp

bug in String class


From: Migel Nick
Subject: bug in String class
Date: Fri, 1 Jul 2005 16:42:32 +0400

Hi!

I think there is a bug in string.cpp in commoncpp2-1.3.12 and
previous versions.

size_t String::setSize(size_t chars)
{
  if(chars <= minsize && !isBig())
    return minsize;

  if(chars <= slotlimit)
  {
    chars = chars / slotsize;
    ++chars *= slotsize; //!!! HERE !!!
    // if (chars % slotsize == 0) you don't need allocate additional
    // slotsize. And in case when length of original string equals 511
    // bytes it will core dumped in clear().    
  }
  content.bigstring.size = chars;
  return chars;
}

void String::clear(void)
{
  char **next;
  unsigned slot;

  if(!isBig())
    goto end;

  if(!content.bigstring.text)
    goto end;

  // the length of original string equals 511 bytes + '\0' = 512 bytes
  // and it allocated from pool not a heap, but due to error in
  // setSize  getSize() returned 544.
  if(getSize() > slotlimit) // !!! HERE !!!
  {
    delete[] content.bigstring.text;
    goto end;
  }

  slot = ((unsigned)getSize() - 1) / slotsize;
  next = (char **)content.bigstring.text;
  mutex.enterMutex();
  *next = idx[slot];
  idx[slot] = content.bigstring.text;
  setLength(0);
  content.bigstring.text = NULL;
  mutex.leaveMutex();

end:
  init();
  return;
}


Patch is attached.

Nick Migel

Attachment: string.patch
Description: Text document
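As an added illustration, not code from the post or from the commoncpp2 tree: a stand-alone model of the rounding in setSize() beside a corrected form, plus a check that mirrors the size test clear() relies on. The slot geometry (slotsize = 32, slotlimit = 512) is an assumption chosen to reproduce the 512 to 544 figure in the report; the function names are mine.

```cpp
#include <cstddef>
#include <cstdio>

// Pool geometry assumed for this illustration (not taken from the post):
// 32-byte slots, pooled strings up to 512 bytes, heap allocation beyond that.
constexpr size_t slotsize  = 32;
constexpr size_t slotlimit = 512;

// Rounding as in the reported setSize(): it always adds one slot, even
// when chars is already a multiple of slotsize (512 -> 544).
size_t buggyRoundUp(size_t chars)
{
    chars = chars / slotsize;
    ++chars; chars *= slotsize;   // the original spells this ++chars *= slotsize
    return chars;
}

// Corrected rounding: next multiple of slotsize only when chars is not
// already aligned (511 -> 512, 512 -> 512).
size_t fixedRoundUp(size_t chars)
{
    return ((chars + slotsize - 1) / slotsize) * slotsize;
}

// Mirrors the decision clear() makes from the stored size: a string that
// setSize() kept in the pool (chars <= slotlimit) must never report a size
// above slotlimit, otherwise clear() runs delete[] on pool memory.
bool clearWouldDeletePoolMemory(size_t (*roundUp)(size_t), size_t chars)
{
    if (chars > slotlimit)
        return false;                   // heap string: delete[] is correct
    return roundUp(chars) > slotlimit;  // pooled string mis-sized as heap
}

// Pooled request sizes 1..slotlimit for which a rounding rule wastes a whole
// extra slot (buggy: every multiple of slotsize, 16 of them; fixed: none).
size_t countWastedSlotRequests(size_t (*roundUp)(size_t))
{
    size_t n = 0;
    for (size_t chars = 1; chars <= slotlimit; ++chars)
        if (roundUp(chars) - chars >= slotsize)
            ++n;
    return n;
}

int main()
{
    std::printf("setSize(512): buggy=%zu fixed=%zu, clear() deletes pool memory: %s\n",
                buggyRoundUp(512), fixedRoundUp(512),
                clearWouldDeletePoolMemory(buggyRoundUp, 512) ? "yes" : "no");
    return 0;
}
```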

