Amebis/stdex
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

parser: Duplicate locale

Browse Source 
The Release testing revealed that compiler might free temporary
std::locale instances sooner than we thought, exposing UaF.

On 64-bit arch, a reference takes 8 bytes, a std::locale copy takes 16
bytes. So duplicating a locale in each parser instance is not such a big
deal to risk an UaF.

Signed-off-by: Simon Rozman <simon@rozman.si>
This commit is contained in:
Simon Rozman 2023-03-16 11:02:23 +01:00
parent 127704d2d8
commit 38fac2837f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/stdex/parser.hpp
View File

@ -148,7 +148,7 @@ namespace stdex
interval<size_t> interval; ///< Test for interval interval<size_t> interval; ///< Test for interval
protected: protected:
const std::locale& m_locale; std::locale m_locale;
}; };
using parser = basic_parser<char>; using parser = basic_parser<char>;