Illegal usage of ofstream with nullptr as filename
futile opened this issue · 1 comments
In https://github.com/ldn-softdev/jtc/blob/master/jtc.cpp#L662-L663, an ofstream is initialized with a nullptr when no output filename is given. This is illegal, as this constructor of ofstream internally calls std::basic_filebuf::open(), which expects a pointer to a null-terminated string (see https://en.cppreference.com/w/cpp/io/basic_ofstream/basic_ofstream and https://en.cppreference.com/w/cpp/io/basic_filebuf/open).
This bug was found using Symbolic Execution techniques developed in the course of the SYMBIOSYS research project at COMSYS, RWTH Aachen University. This research is supported by the European Research Council (ERC) under the EU's Horizon 2020 Research and Innovation Programme grant agreement n. 647295 (SYMBIOSYS).
Yes, I agree, it might be a problem with some implementations (though for macOS it's fine). I'll also update the fix for the safety of the code.
Thank you very much!
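The pattern reported in the issue next to a guarded alternative, as an added example that is not jtc's code and not the fix the maintainer applied. `OutputSink` and `write_via_sink` are hypothetical names; the sketch assumes that a missing output filename should mean "write to a fallback stream".

```cpp
#include <cstdio>
#include <fstream>
#include <iostream>
#include <sstream>
#include <stdexcept>
#include <string>

// Pattern described in the issue (shown as a comment, never executed here):
//   std::ofstream out(path);   // undefined behaviour when path == nullptr,
//                              // basic_filebuf::open() needs a C string

// Hypothetical helper: opens a file only when a filename was actually given,
// otherwise writes to the fallback stream (std::cout by default).
class OutputSink {
 public:
  explicit OutputSink(const char* path, std::ostream& fallback = std::cout)
      : out_(&fallback), to_file_(false) {
    if (path != nullptr) {                 // the missing check
      file_.open(path, std::ios::out | std::ios::trunc);
      if (!file_)                          // surface open failures explicitly
        throw std::runtime_error(std::string("cannot open ") + path);
      out_ = &file_;
      to_file_ = true;
    }
  }
  std::ostream& stream() { return *out_; }
  bool to_file() const { return to_file_; }

 private:
  std::ofstream file_;   // stays closed when no filename is supplied
  std::ostream* out_;
  bool to_file_;
};

// Writes text through the sink and returns whatever reached the fallback
// stream (empty when the text went to the named file instead).
std::string write_via_sink(const char* path, const std::string& text) {
  std::ostringstream fallback;
  {
    OutputSink sink(path, fallback);
    sink.stream() << text;
  }  // sink destroyed here, which flushes and closes the file if one was opened
  return fallback.str();
}

int main(int argc, char** argv) {
  OutputSink sink(argc > 1 ? argv[1] : nullptr);  // nullptr is now a defined case
  sink.stream() << "{}\n";
  return 0;
}
```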