Page History

...

Some template metaprogramming techniques that employ ""substitution failure is not an error" " (SFINAE) use variadic functions to implement compile-time type queries, as in:

Code Block
typedef char True; typedef struct { char a[2]; } False; template &lt;typename T&gt; True isPtr(T *); False isPtr(...); #define is_ptr(e) (sizeof(isPtr(e)) == sizeof(True))

...

Code Block

bgColor	#FFCCCC

#include &amp;lt;cstdarg&amp;gt;

char *concatenate(char const *s, ...)
    {
    // code to actually concatenate the strings
    }

char *separator = /* some reasonable value */;

char *t = concatenate(&amp;quot;hello&amp;quot;, separator, &amp;quot;world&amp;quot;, NULL);

Calling this function without the trailing null pointer, or with an argument of any type other than ""pointer to possibly-CV-qualified char" " yields undefined behavior:

Code Block

bgColor	#FFCCCC

char *u = concatenate(&amp;quot;hello&amp;quot;, separator, &amp;quot;world&amp;quot;); // undefined behavior

char *v = concatenate(&amp;quot;hello&amp;quot;, ' ', &amp;quot;world&amp;quot;, NULL); // undefined behavior

...

Code Block

bgColor	#ccccff

#include &amp;lt;string&amp;gt;

string separator = /* some reasonable value */;

string s = &amp;quot;hello&amp;quot; + separator + &amp;quot;world&amp;quot;;

Risk Assessment

Incorrectly using a variadic function can result in abnormal program termination, unintended information disclosure, or execution of arbitrary code.

...

Space shortcuts

Page tree

Versions Compared

Old Version 14

New Version 15

Key

Risk Assessment