
AMDG

Andrey Upadyshev wrote:
I found that template boost::archive::detail::load_enum_type (boost\archive\detail\iserializer.hpp) may overwrite loading enum's value with uninitialized ones. See comments:

template<class Archive, class T>
struct load_enum_type {
    static void invoke(Archive &ar, T &t){
        int i; // Initialize 'i' with trash
        ar >> boost::serialization::make_nvp(NULL, i); // Imagine: some code in archive skips loading
        t = static_cast<T>(i); // Ooops, get the trash into 't'
    }
};

I think it is more secure to initialize 'i' from 't'. So, if archive's code skips loading, we just get 't' unchanged instead of corrupted. Probably, someone can fix this in svn?
Why should an archive skip loading? If it fails for some reason, it ought to throw an exception. If this is really an important use case, the entire library will probably need to be reviewed as I highly doubt that it was written with that in mind.

Also, all that the archive will see is the load of an int. How can it possibly distinguish loading an int that it can safely skip from loading an int that is needed to parse the archive format correctly?

In Christ,
Steven Watanabe
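
Added example, not part of either message and not Boost's code: a self-contained sketch of the two behaviours discussed in this thread, seeding the temporary from the current enum value and an archive that throws on failure. ToyArchive, Color, load_enum_preserving, load_once and exhausted_archive_throws are hypothetical names, and the input buffers are constructed.

```cpp
#include <cstddef>
#include <stdexcept>
#include <utility>
#include <vector>

enum class Color { Red = 0, Green = 1, Blue = 2 };

// Hypothetical stand-in for an input archive (not a Boost class). Once its
// constructed buffer is exhausted it either throws or silently skips the load.
struct ToyArchive {
    std::vector<int> data;
    bool throw_on_failure;
    std::size_t pos;
    ToyArchive(std::vector<int> d, bool thr)
        : data(std::move(d)), throw_on_failure(thr), pos(0) {}
    ToyArchive & operator>>(int & out) {
        if (pos < data.size()) out = data[pos++];
        else if (throw_on_failure)
            throw std::runtime_error("archive: no data for int");
        return *this;  // skipped load: 'out' is left untouched
    }
};

// Variant proposed in the thread: seed the temporary from the current value,
// so a skipped load leaves 't' unchanged instead of indeterminate.
template<class Archive, class T>
void load_enum_preserving(Archive & ar, T & t) {
    int i = static_cast<int>(t);
    ar >> i;
    t = static_cast<T>(i);
}

// Attempts one enum load from 'data' and returns the resulting value.
Color load_once(std::vector<int> data, bool throw_on_failure, Color initial) {
    ToyArchive ar(std::move(data), throw_on_failure);
    Color c = initial;
    load_enum_preserving(ar, c);
    return c;
}
// True if an exhausted archive reports the failure by throwing.
bool exhausted_archive_throws() {
    try { load_once({}, true, Color::Green); }
    catch (const std::runtime_error &) { return true; }
    return false;
}
int main() {
    return load_once({}, false, Color::Green) == Color::Green
        && exhausted_archive_throws() ? 0 : 1;
}
```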