You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

The basic_string template class has unusual invalidation semantics. References, pointers, and iterators referring to the elements of a basic_string sequence may be invalidated by the following uses of that basic_string object:

  • As an argument to non-member functions swap(), operator>>(), and getline().
  • As an argument to basic_string::swap().
  • Calling data() and c_str() member functions.
  • Calling non-const member functions, except operator[](), at(), begin(), rbegin(), end(), and rend().

  • Subsequent to any of the above uses except the forms of insert() and erase() which return iterators, the first call to non-const member functions operator[](), at(), begin(), rbegin(), end(), or rend().

Non-Compliant Example

The following non-compliant example copies the null-terminated byte string input into the string email, replacing ';' characters with spaces. This example is non-compliant because the iterator loc is invalidated after the first call to insert(). The behavior of subsequent calls to insert is undefined.

char input[] = "bogus@addr.com; cat /etc/passwd";
string::iterator loc;
string email;

// copy into string converting ";" to " "
for (size_t i=0; i <= strlen(input); i++) {
  if (input[i] != ';') {
    email.insert(loc++, input[i]);
  }
  else {
    email.insert(loc++, ' ');
  }
} // end string for each element in NTBS

Compliant Solution

In the following compliant solution, the value of the iterator loc is updated as a result of each call to insert so that the insert() method is never called with an invalid iterator. The updated iterator is then incremented at the end of the loop.

char input[] = "bogus@addr.com; cat /etc/passwd";
string::iterator loc;
string email;

// copy into string converting ";" to " "
for (size_t i=0; i <= strlen(input); i++) {
  if (input[i] != ';') {
    loc = email.insert(loc, input[i]);
  }
  else {
    loc = email.insert(loc, ' ');
  }
  ++loc;
} // end string for each element in NTBS	

Non-Compliant Example


Compliant Solution

The relationship between size and capacity makes it possible to predict when a call to a non-const member function will cause a string to perform a reallocation. This in turn makes it possible to predice when an insertion will invalidate references, pointers, and iterators (to anything other than the end of the string).

In the following example, the call to push_back() does not invalidate the iterator.

string s;
...
if ( s.size() < s.capacity() ) {
  s.push_back('x');
}

If instead of performing a push_back(), the code were to insert into an arbitrary location in the string, all references, pointers, and iterators from the insertion point to the end of the string are invalidated.

Exceptions

The intent of these iterator invalidation rules is to give implementors greater freedom in implementation techniques. Some implementations implement method version that do not invalidate references, pointers, and iterators in all cases. Check with your implementation specific documentation and document any violation of the semantics specified by the standard for portability.

References

  • No labels