https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93205
Bug ID: 93205
Summary: std::discrete_distribution's operator>> causes OOM
Product: gcc
Version: 7.5.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: libstdc++
Assignee: unassigned at gcc dot gnu.org
Reporter: njormrod at fb dot com
Target Milestone: ---
std::discrete_distribution's operator>> should work with an invalid stream
(29.6.1.6, Table 105, row 15). Instead, it may OOM.
Relevant code from libstdc++/bits/random.tcc:
2770: size_t __n;
2771: __is >> __n;
2772:
2773: std::vector<double> __prob_vec;
2774: __prob_vec.reserve(__n);
If the istream fails to read __n on line 2771, then the vector is reserved with
garbage size on line 2774, potentially OOMing.
This could be fixed by initializing __n to 0 on line 2770.
