I recently encountered the following bug, looping on eof() is not stable unless you check the good() bit. This works under some platforms but not others (linux OK, windows (mingw) - not OK). This could be a candidate for a check.
The check could test to see if the ifstream object is accessed in any other way (ie checking good() bit).
If it is not, then the "text.txt" file becomes a potential DOS vector if it is not trusted. If the test is to be more conservative, it could check for any "break" statements which might otherwise allow loop exit by another means.
Thanks! This is interesting. I imagine there are many such bugs. Can you please report this in our issue tracker so we don't forget it? http://trac.cppcheck.net
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Dear cppcheck developers,
I recently encountered the following bug, looping on eof() is not stable unless you check the good() bit. This works under some platforms but not others (linux OK, windows (mingw) - not OK). This could be a candidate for a check.
The check could test to see if the ifstream object is accessed in any other way (ie checking good() bit).
If it is not, then the "text.txt" file becomes a potential DOS vector if it is not trusted. If the test is to be more conservative, it could check for any "break" statements which might otherwise allow loop exit by another means.
Thanks in advance.
Thanks! This is interesting. I imagine there are many such bugs. Can you please report this in our issue tracker so we don't forget it? http://trac.cppcheck.net
I tried to get a trac login, but did not receive a confirmation email. Can someone with access please add this?