Thalhammer / jwt-cpp

A header only library for creating and validating json web tokens in c++
https://thalhammer.github.io/jwt-cpp/
MIT License

c++20 undefined behavior usage #300

Closed lirik90 closed 9 months ago

lirik90 commented 1 year ago

What happened?

Hi. It can't be compiled with this command:

g++ -std=c++20 -fsanitize=undefined test.cpp

The problem is in line 86 of the file include/jwt-cpp/base.h

static std::initializer_list<std::string> fill{"%3D", "%3d"};

How To Reproduce?

#include <jwt-cpp/traits/kazuho-picojson/defaults.h>
int main() {
  return 0;
}

Version

0.6.0

What OS are you seeing the problem on?

Linux

What compiler are you seeing the problem on?

GCC

Relevant log output

[kirill@main-pc test]$ g++ -std=c++20 -fsanitize=undefined ~/test.cpp 
In file included from /jwt-cpp/include/jwt-cpp/jwt.h:12,
                 from /jwt-cpp/include/jwt-cpp/traits/kazuho-picojson/traits.h:12,
                 from /jwt-cpp/include/jwt-cpp/traits/kazuho-picojson/defaults.h:4,
                 from /home/kirill/test.cpp:2:
/jwt-cpp/include/jwt-cpp/base.h: In static member function «static const std::initializer_list<std::__cxx11::basic_string<char> >& jwt::alphabet::helper::base64url_percent_encoding::fill()»:
/jwt-cpp/include/jwt-cpp/base.h:86:100: ошибка: «(((const std::__cxx11::basic_string<char>*)(& <temporary>)) != 0)» не есть константное выражение
   86 |                                         static std::initializer_list<std::string> fill{"%3D", "%3d"};
      |

prince-chrismc commented 1 year ago

Create a test for the undefined sanitizer

sjanel commented 1 year ago

This is because std::initializer_list is a proxy object that should not be used as storage (it has been made for one purpose, being used as a parameter). It could be replaced with a standard array.

The issue can be fixed like this
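An added example, not part of this thread and not the patch from the comment above or jwt-cpp's own code: it sketches the replacement described there, a function-local static `std::array` that owns the two padding strings, plus a small consumer that strips either spelling. The names `percent_fill` and `trim_padding` are hypothetical.

```cpp
#include <array>
#include <cstddef>
#include <string>

// Hypothetical stand-in for the helper named in the compiler log.
struct percent_fill {
    // Pattern from the report, shown as a comment only:
    //   static std::initializer_list<std::string> fill{"%3D", "%3d"};
    // An initializer_list is a view over a compiler-generated backing
    // array; it does not own the strings it refers to.
    static const std::array<std::string, 2>& fill() {
        // std::array owns its elements, so the static object is the
        // storage itself and no separate backing array is involved.
        static const std::array<std::string, 2> fills{{"%3D", "%3d"}};
        return fills;
    }
};

// Remove every trailing padding token, accepting any spelling in `fills`.
template <std::size_t N>
std::string trim_padding(std::string s,
                         const std::array<std::string, N>& fills) {
    bool stripped = true;
    while (stripped) {
        stripped = false;
        for (const std::string& f : fills) {
            if (s.size() >= f.size() &&
                s.compare(s.size() - f.size(), f.size(), f) == 0) {
                s.erase(s.size() - f.size());
                stripped = true;
                break;  // restart so mixed-case runs are fully removed
            }
        }
    }
    return s;
}

int main() {
    // Constructed sample input: "YQ" followed by two padding tokens.
    return trim_padding("YQ%3D%3d", percent_fill::fill()) == "YQ" ? 0 : 1;
}
```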