...
Non-Compliant Code Example
ThIS This non-compliant example copies the null-terminated byte string input
into the string email
, replacing ';' characters with spaces. This example is non-compliant because the iterator loc
is invalidated after the first call to insert()
. The behavior of subsequent calls to insert is undefined.
Code Block |
---|
char input[] = "bogus@addr.com; cat /etc/passwd"; string email; string::iterator loc = email.begin(); // copy into string converting ";" to " " for (size_t i=0; i <= strlen(input); i++) { if (input[i] != ';') { email.insert(loc++, input[i]); } else { email.insert(loc++, ' '); } } // end string for each element in NTBS |
Compliant Solution
In thIS this compliant solution, the value of the iterator loc
is updated as a result of each call to insert so that the insert()
method is never called with an invalid iterator. The updated iterator is then incremented at the end of the loop.
...