David Benjamin f4c1e8747b [libc++][hardening] Reclassify string_view(ptr, len)'s size assertion (#79297) ...

The comment makes this error condition sound less problematic than it
is. If the length does not match the pointer's bounds, all
bounds-checking in string_view goes wrong. A length over PTRDIFF_MAX
cannot possibly be a correct bounds and was mostly an underflowed
negative number cast to a size_t.

The documentation for _LIBCPP_ASSERT_VALID_INPUT_RANGE discusses ranges
being valid, including an iterator and a count, which seemed appropriate
here.

2024-03-11 16:28:05 -04:00

41 KiB

Raw Blame History

View Raw