
Copying data into a container that is not large enough to hold that data results in a buffer overflow. To prevent such errors, the amount of data copied to the destination container must be restricted on the basis of the destination container's size, or, preferably, the destination container must be guaranteed to be large enough to hold the data to be copied.

...

Copies can be made with the std::memcpy() function. However, the std::memmove() and std::memset() functions can also have the same vulnerabilities because they overwrite a block of memory without checking that the block is valid. Such issues are not limited to C standard library functions; standard template library (STL) generic algorithms, such as std::copy(), std::fill(), and std::transform(), also assume valid output buffer sizes [ISO/IEC 14882-2014].

...

The proper way to use std::copy() is to ensure the destination container can hold all the elements being copied to it. This compliant solution enlarges the vector to the required size prior to the copy operation:

```cpp
#include <algorithm>
#include <vector>

void f(const std::vector<int> &src) {
  // Initialize dest with src.size() default-inserted elements
  std::vector<int> dest(src.size());
  std::copy(src.begin(), src.end(), dest.begin());
  // ...
}
```
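The same size discipline carried through the other functions named above, as an added example that is not part of the rule or its compliant solutions. checked_copy(), appending_copy(), doubled(), checked_memcpy() and run_demo() are hypothetical helpers written for this illustration; the sample input they operate on is constructed inline.

```cpp
#include <algorithm>
#include <array>
#include <cstddef>
#include <cstring>
#include <iostream>
#include <iterator>
#include <vector>

// Hypothetical helper, not part of the CERT rule: copy src into dest only when
// dest already holds enough elements; otherwise refuse instead of writing past
// the end of dest.
template <typename T>
bool checked_copy(const std::vector<T> &src, std::vector<T> &dest) {
  if (dest.size() < src.size()) {
    return false;  // caller must enlarge dest first
  }
  std::copy(src.begin(), src.end(), dest.begin());
  return true;
}

// Alternative: let the destination grow as elements arrive. std::back_inserter
// calls push_back() for each element, so no size assumption is made.
template <typename T>
void appending_copy(const std::vector<T> &src, std::vector<T> &dest) {
  dest.reserve(dest.size() + src.size());  // avoids repeated reallocation
  std::copy(src.begin(), src.end(), std::back_inserter(dest));
}

// std::transform has the same output-size assumption as std::copy; size the
// result from the input before calling it.
std::vector<int> doubled(const std::vector<int> &src) {
  std::vector<int> out(src.size());
  std::transform(src.begin(), src.end(), out.begin(),
                 [](int v) { return v * 2; });
  return out;
}

// The same discipline for std::memcpy(): bound the copy by the destination
// size, which std::array carries in its type.
template <std::size_t N>
bool checked_memcpy(std::array<unsigned char, N> &dest,
                    const unsigned char *src, std::size_t len) {
  if (len > N) {
    return false;  // would overflow dest
  }
  std::memcpy(dest.data(), src, len);
  return true;
}

// Exercises every helper on constructed input; returns true if each behaved
// as the comments above describe.
bool run_demo() {
  const std::vector<int> src{1, 2, 3, 4};  // constructed sample input

  std::vector<int> empty;                  // too small: copy must be refused
  if (checked_copy(src, empty) || !empty.empty()) return false;

  std::vector<int> sized(src.size());      // large enough: copy succeeds
  if (!checked_copy(src, sized) || sized != src) return false;

  std::vector<int> dest{9};
  appending_copy(src, dest);               // grows to hold 9,1,2,3,4
  if (dest != std::vector<int>{9, 1, 2, 3, 4}) return false;

  if (doubled(src) != std::vector<int>{2, 4, 6, 8}) return false;

  std::array<unsigned char, 4> buf{};
  const unsigned char bytes[] = {0xde, 0xad, 0xbe, 0xef, 0x00};  // 5 bytes
  if (checked_memcpy(buf, bytes, sizeof bytes)) return false;   // 5 > 4
  if (!checked_memcpy(buf, bytes, buf.size()) || buf[3] != 0xef) return false;
  return true;
}

int main() {
  const bool ok = run_demo();
  std::cout << (ok ? "all checks passed" : "a check failed") << '\n';
  return ok ? 0 : 1;
}
```

Refusing the copy (checked_copy) is the right choice when the caller owns the destination's size; growing the destination (appending_copy, or the sized constructor in the compliant solution above) is preferable whenever the callee is free to do so, because the size check then cannot be forgotten.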

...

The simplest solution is to construct dest from src directly, as in this compliant solution:

```cpp
#include <vector>

void f(const std::vector<int> &src) {
  std::vector<int> dest(src);
  // ...
}
```

...

However, this compliant solution is inefficient. The constructor will default-construct 10 elements of type int, which are subsequently replaced by the value 0x42 by the call to std::fill_n(), meaning that each element in the container is initialized twice.
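The double initialization described above, measured with an instrumented element type. This is an added example and not code from the rule: Counted, Counts, fill_after_construct() and fill_on_construct() are hypothetical. It assumes the construct-then-std::fill_n() pattern the paragraph refers to and contrasts it with the vector fill constructor, which sizes the container and initializes each element once.

```cpp
#include <algorithm>
#include <cstddef>
#include <iostream>
#include <vector>

// Hypothetical instrumented element type, not from the rule: it records how
// many objects were default-constructed, copy-constructed and copy-assigned.
struct Counted {
  static std::size_t default_ctors;
  static std::size_t copy_ctors;
  static std::size_t assigns;

  int value;
  Counted() : value(0) { ++default_ctors; }
  explicit Counted(int v) : value(v) {}  // prototype value, deliberately not counted
  Counted(const Counted &o) : value(o.value) { ++copy_ctors; }
  Counted &operator=(const Counted &o) {
    value = o.value;
    ++assigns;
    return *this;
  }
  static void reset() { default_ctors = copy_ctors = assigns = 0; }
};
std::size_t Counted::default_ctors = 0;
std::size_t Counted::copy_ctors = 0;
std::size_t Counted::assigns = 0;

// Snapshot of the counters after one construction strategy has run.
struct Counts {
  std::size_t default_ctors;
  std::size_t copy_ctors;
  std::size_t assigns;
};

// Construct n default-inserted elements, then overwrite each with
// std::fill_n(): every element is initialized twice
// (n default constructions followed by n assignments).
Counts fill_after_construct(std::size_t n, int v) {
  Counted::reset();
  std::vector<Counted> out(n);
  std::fill_n(out.begin(), n, Counted(v));
  return {Counted::default_ctors, Counted::copy_ctors, Counted::assigns};
}

// Use the fill constructor instead: the container is still sized to n, but
// each element is copy-constructed from the prototype exactly once.
Counts fill_on_construct(std::size_t n, int v) {
  Counted::reset();
  std::vector<Counted> out(n, Counted(v));
  return {Counted::default_ctors, Counted::copy_ctors, Counted::assigns};
}

int main() {
  const Counts a = fill_after_construct(10, 0x42);
  const Counts b = fill_on_construct(10, 0x42);
  std::cout << "construct then fill_n: " << a.default_ctors
            << " default ctors, " << a.assigns << " assignments\n"
            << "fill constructor:      " << b.copy_ctors
            << " copy ctors, " << b.assigns << " assignments\n";
  return 0;
}
```

Both strategies are compliant with the rule, since the destination is sized before anything is written into it; the counters only make visible why the fill constructor (or, for a copy, constructing dest from src) is the cheaper way to get there.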

...