OleksandrKvl / sbepp

C++ implementation of the FIX Simple Binary Encoding
https://oleksandrkvl.github.io/sbepp/
MIT License

static_array_ref::assign_range assert has to be moved up #60

Closed ujos closed 2 months ago

ujos commented 2 months ago

In the following code, the boundary check assert must be moved before the copy. Otherwise, in case of a buffer overrun, the further application behaviour is undefined.

    SBEPP_CPP20_CONSTEXPR iterator assign_range(R&& r) const
    {
    #if SBEPP_HAS_RANGES
        auto res = std::ranges::copy(std::forward<R>(r), begin()).out;
    #else
        auto res = std::copy(std::begin(r), std::end(r), begin());
    #endif
        SBEPP_ASSERT(res <= end());
        return res;
    }

OleksandrKvl commented 2 months ago

Right, it's intentionally UB. The check can't be moved up because the `res` position can be known only after the incoming range is consumed, because it can be an input range whose size can't be efficiently calculated before the copy. It's the user's responsibility to verify that the input fits into the array.
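
One way a caller can do that verification when the source is a single-pass input range is to check the bound before every write instead of after the copy. This is an added example, not sbepp code and not from either commenter: `bounded_copy`, `copy_from_stream` and `demo_result` are hypothetical names, and a plain `int` array stands in for the destination.

```cpp
#include <cstddef>
#include <iterator>
#include <sstream>
#include <utility>

// Hypothetical helper (not part of sbepp): copy [first, last) into
// [out, out_end), testing the bound BEFORE each write. It never needs the
// source size, so it works for single-pass input iterators.
// Returns {position after the last written element, true if everything fit}.
template<typename InputIt, typename OutIt>
std::pair<OutIt, bool> bounded_copy(InputIt first, InputIt last,
                                    OutIt out, OutIt out_end)
{
    for (; first != last; ++first, ++out)
    {
        if (out == out_end)
        {
            return {out, false}; // source is longer than the destination
        }
        *out = *first;
    }
    return {out, true};
}

struct demo_result { std::size_t written; bool fit; int guard; };

// Constructed demo: a 4-element destination fed from a stream, i.e. an
// input range whose length is unknown until it has been consumed.
demo_result copy_from_stream(const char* text)
{
    int storage[5] = {0, 0, 0, 0, -1}; // storage[4] is a guard value
    std::istringstream in(text);
    auto res = bounded_copy(std::istream_iterator<int>(in),
                            std::istream_iterator<int>(),
                            storage, storage + 4);
    return {static_cast<std::size_t>(res.first - storage), res.second,
            storage[4]};
}

int main()
{
    demo_result ok = copy_from_stream("1 2 3");
    demo_result too_long = copy_from_stream("1 2 3 4 5 6");
    // The oversized input is rejected and the guard element is untouched.
    return (ok.fit && !too_long.fit && too_long.guard == -1) ? 0 : 1;
}
```

With a single-pass source, the element that triggered the overflow has already been read from the stream by the time `bounded_copy` returns `false`, so the caller should treat the source as consumed.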