Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add asserts to suppress C28020 #2447

Merged
merged 3 commits into from
Dec 11, 2020
Merged

Add asserts to suppress C28020 #2447

merged 3 commits into from
Dec 11, 2020

Conversation

jbzdarkid
Copy link
Contributor

C28020 is a warning which guards against array out-of-bounds issues.
For some reason, PreFast is flagging this check (and the subsequent check) as a potential security risk due to out-of-bounds. Adding an additional assert (even if it's bananas) silences the warning.


Pull request checklist

Read the Contribution Guidelines for detailed information.

  • Changes are described in the pull request, or an existing issue is referenced.
  • The test suite compiles and runs without error.
  • Code coverage is 100%. Test cases can be added by editing the test suite.
  • The source code is amalgamated; that is, after making changes to the sources in the include/nlohmann directory, run make amalgamate to create the single-header file single_include/nlohmann/json.hpp. The whole process is described here.

Please don't

  • The C++11 support varies between different compilers and versions. Please note the list of supported compilers. Some compilers like GCC 4.7 (and earlier), Clang 3.3 (and earlier), or Microsoft Visual Studio 13.0 and earlier are known not to work due to missing or incomplete C++11 support. Please refrain from proposing changes that work around these compiler's limitations with #ifdefs or other means.
  • Specifically, I am aware of compilation problems with Microsoft Visual Studio (there even is an issue label for these kind of bugs). I understand that even in 2016, complete C++11 support isn't there yet. But please also understand that I do not want to drop features or uglify the code just to make Microsoft's sub-standard compiler happy. The past has shown that there are ways to express the functionality such that the code compiles with the most recent MSVC - unfortunately, this is not the main objective of the project.
  • Please refrain from proposing changes that would break JSON conformance. If you propose a conformant extension of JSON to be supported by the library, please motivate this extension.
  • Please do not open pull requests that address multiple issues.

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
@jbzdarkid jbzdarkid requested a review from nlohmann as a code owner October 26, 2020 21:00
@coveralls
Copy link

coveralls commented Oct 26, 2020

Coverage Status

Coverage remained the same at 100.0% when pulling cde29b3 on jbzdarkid:develop into eaac918 on nlohmann:develop.

include/nlohmann/detail/output/serializer.hpp Outdated Show resolved Hide resolved
single_include/nlohmann/json.hpp Outdated Show resolved Hide resolved
Co-authored-by: Niels Lohmann <niels.lohmann@gmail.com>
@jbzdarkid jbzdarkid requested a review from nlohmann December 3, 2020 20:45
Copy link
Owner

@nlohmann nlohmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@nlohmann nlohmann merged commit e3643aa into nlohmann:develop Dec 11, 2020
@nlohmann
Copy link
Owner

Thanks!

@ScottHutchinson
Copy link

I'm still getting this warning in VS 2019 version 16.8.5. I'm using #pragma warning(disable: 28020) to suppress it for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants