- Type: Bug
- Status: Closed
- Priority: High
- Resolution: Fixed
- Affects Version/s: 6.18/04
- Component/s: Core Libraries
- Labels: None
- Environment: All
TMemberInspector::TParentBuf::Append looks like this:
   // Add "add" to string
   if (!add || !add[0]) return;
   Ssiz_t addlen = strlen(add);
   fBuf.reserve(fLen + addlen);
   const char* i = add;
   while (*i) {
      fBuf[fLen++] = *i;
      ++i;
   }
   fBuf[fLen] = 0;
First of all, it's not legal to write to memory through the indexing operator of a vector if it has only been reserved, you need to do resize() for that. I presume you're trying to skip the initialization here.
Second, the resize/reserve should be 'fLen + addlen + 1' to allow that write of '\0' if fLen is 0. I understand the thinking here otherwise, namely that once a +1 is done, you don't need it anymore for any subsequent Append, as you're just overwriting the old '\0'. But if you don't do it on fLen == 0, then it never happens.
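As an added illustration (my own stand-alone code, not ROOT's and not part of this report), a minimal stand-in for TParentBuf with both fixes applied, plus a bounds-checked probe showing why writing through operator[] after a bare reserve() is wrong; the ParentBuf, AppendAll and ReserveOnlyWriteIsOutOfRange names and the Ssiz_t typedef are assumptions made for this example:

```cpp
#include <cstring>
#include <stdexcept>
#include <string>
#include <vector>

typedef int Ssiz_t;  // stand-in for ROOT's Ssiz_t (assumption for this example)

// Hypothetical stand-in for TMemberInspector::TParentBuf, not ROOT's code.
struct ParentBuf {
   std::vector<char> fBuf;
   Ssiz_t fLen = 0;

   // Corrected Append: resize() (not reserve()) so the elements actually exist,
   // and +1 so the terminating '\0' always has a slot, including when fLen == 0.
   void Append(const char* add) {
      if (!add || !add[0]) return;
      Ssiz_t addlen = std::strlen(add);
      fBuf.resize(fLen + addlen + 1);   // indices [0, fLen + addlen] are now valid
      const char* i = add;
      while (*i) {
         fBuf[fLen++] = *i;
         ++i;
      }
      fBuf[fLen] = 0;                   // overwritten by the next Append, never lost
   }

   const char* Data() const { return fBuf.empty() ? "" : fBuf.data(); }
};

// Shows the first defect deterministically: after reserve() alone, size() is
// still 0, so a bounds-checked write to index 0 (the slot the original
// fBuf[fLen++] touches when fLen == 0) throws instead of corrupting memory.
bool ReserveOnlyWriteIsOutOfRange() {
   std::vector<char> buf;
   buf.reserve(4);                      // capacity 4, size 0
   try {
      buf.at(0) = 'x';
   } catch (const std::out_of_range&) {
      return true;
   }
   return false;
}

// Appends each piece in turn with the corrected Append and returns the result.
std::string AppendAll(const std::vector<const char*>& pieces) {
   ParentBuf pb;
   for (const char* p : pieces) pb.Append(p);
   return std::string(pb.Data());
}
```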