https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113531
Bug ID: 113531
Summary: AddressSanitizer: stack-use-after-scope when iterating
over initializer list
Product: gcc
Version: 14.0
Status: UNCONFIRMED
Severity: n
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63
--- Comment #2 from Paul Dreik ---
The fmt lib had the same problem. I wrote a safe duration cast which eventually
morphed into this:
https://github.com/fmtlib/fmt/blob/9b74160817f2bc63288d2111e823a35dd3dbf234/include/fmt/chrono.h#L57-L68
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63
Bug ID: 63
Summary: signed integer overflow in
std::format("{:%S}",std::chrono::duration)
Product: gcc
Version: 14.0
Status: UNCONFIRMED
Severity: norm
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62
Bug ID: 62
Summary: signed integer overflow triggered by
std::chrono::parse
Product: gcc
Version: 14.0
Status: UNCONFIRMED
Severity: normal
Prior
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=02
Bug ID: 02
Summary: illegal pointer arithmetic invoked by
std::format("L{:65536}",1)
Product: gcc
Version: 14.0
Status: UNCONFIRMED
Severity: normal
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110860
--- Comment #19 from Paul Dreik ---
Thanks Jonathan!
I am happy to count myself as a gcc contributor now :-D
Never mind the tiny git mistake, that will be forgotten once gcc 14 is out!
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110860
--- Comment #12 from Paul Dreik ---
The last fix is unfortunately not sufficient either, because for abs(__v)<1
log10 becomes negative and that wont convert gracefully to size_t.
I implemented the following fix, which avoids log10 and uses frex
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110860
--- Comment #8 from Paul Dreik ---
I do unfortunately not think the fix is entirely correct.
When 0 is passed, log10 returns -inf, which can not be converted to an integer.
I had a bit of problem to reproduce this with gcc, but it worked with
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110974
--- Comment #1 from Paul Dreik ---
This is very similar to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110862
which has already been fixed on trunk.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110974
Bug ID: 110974
Summary: format out of bounds read on invalid format string
"{:{}."
Product: gcc
Version: 13.2.0
Status: UNCONFIRMED
Severity: normal
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110968
Bug ID: 110968
Summary: format out of bounds read on format("{:05L}",-1.f)
Product: gcc
Version: 13.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Compon
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110862
--- Comment #2 from Paul Dreik ---
(In reply to 康桓瑋 from comment #1)
> It does throw:
>
> https://godbolt.org/z/5q3bb51YE
Sorry for being unclear. Yes, it throws but that is after the out of bounds
read has happened.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110862
Bug ID: 110862
Summary: format out of bands read on format string "{0:{0}"
Product: gcc
Version: 13.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Compon
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110860
Bug ID: 110860
Summary: std::format("{:f}",2e304) invokes undefined behaviour
Product: gcc
Version: 13.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Com
14 matches
Mail list logo
