Description
While building SBE-generated C++ code for <group> fields, I see the following compiler warning for code generated from Group->Field elements with a char primitive type:
warning: 'strlen' argument missing terminating nul [-Wstringop-overflow=]
The generated code block looks like this:
class MDIncrementalRefreshTradeSummary42
{
.....
class NoMDEntries
{
.....
SBE_NODISCARD const char *mDEntryType() const
{
static const std::uint8_t mDEntryTypeValues[] = { 50 };
return (const char *)mDEntryTypeValues;
}
Inspecting the situation, I see that:
- SBE-message end-users should use length functions like
mDEntryTypeLength() - The return value of
mDEntryType()truly a pointer to a singlechar, not a NULL-terminated string.
So in that regard, this is not a SBE codegen bug. But, unfortunately any C++ programmer can pass that const char* to a myriad of functions that expect the input to be NULL terminated. This could lead to inadvertent out-of-bounds / buffer-overrun bugs.
Adding a NULL to the static array in that function would mitigate this class of bugs at small expense of static storage. So something like this at this line:
- indent + " static const std::uint8_t %1$sValues[] = { %2$s };\n\n" +
+ indent + " static const std::uint8_t %1$sValues[] = { %2$s, 0 };\n\n" +
While I'm here, I'd also like to thank you for all your fantastic contributions and thought leadership to both software engineering at-large and particularly in the trading community. 🤗