parser: Duplicate locale

The Release testing revealed that compiler might free temporary std::locale instances sooner than we thought, exposing UaF. On 64-bit arch, a reference takes 8 bytes, a std::locale copy takes 16 bytes. So duplicating a locale in each parser instance is not such a big deal to risk an UaF. Signed-off-by: Simon Rozman <simon@rozman.si>
2023-03-16 11:02:23 +01:00 · 2023-03-16 11:02:23 +01:00 · 38fac2837f
commit 38fac2837f
parent 127704d2d8
1 changed files with 1 additions and 1 deletions
--- a/include/stdex/parser.hpp
+++ b/include/stdex/parser.hpp
@ -148,7 +148,7 @@ namespace stdex
 			interval<size_t> interval; ///< Test for interval

 		protected:
-			const std::locale& m_locale;
+			std::locale m_locale;
 		};

 		using parser = basic_parser<char>;