Re: [Boost-users] [serialization] basic_xml_iarchive tag checkingbugs
Robert Ramey wrote: Todd Greer wrote:
1. The sense of the check of the flags against no_xml_tag_checking is reversed. By default, checking of xml tag names is not done, contrary to the documentation. If no_xml_tag_checking is passed in as a flag, tag checking is enabled.
My recommended fix for (1) would be to change no_xml_tag_checking to check_xml_tags, and to change the documentation to reflect this. While the more obvious solution would be to simply fix the comparison, this would introduce a silent behavioral change. My recommended fix will fail to compile for those that have specified no_xml_tag_checking, thus alerting them to the change.
I prefer the more obvious fix as I don't want to change the docs and all the other switches are no_...
I have no objection to that.
My recommended fix for (2) is to replace the excerpted code with:
if(0 != (this->get_flags() & check_xml_tags) && rv.object_name != name)
Hmmm - don't we have the same problem here? That is if the object name read is larger than "name" we could still overflow something.
In this case, rv.object_name is a std::string. std::string defines an
operator!=(string const& a, char const* b) that has well defined
semantics regardless of the lengths of a and b. It just requires that b
is a valid c-style string.
--
Todd Greer
participants (1)
-
Todd Greer