Title
Negative array bounds in a new-expression
Status
c++11
Section
7.6.2.8 [expr.new]
Submitter
Sean Hunt

Created on 2010-03-23.00:00:00 last changed 96 months ago

Messages

Date: 2010-11-15.00:00:00

[Voted into the WP at the November, 2010 meeting.]

Date: 2010-09-15.00:00:00

Proposed resolution (September, 2010):

  1. Change 7.6.2.8 [expr.new] paragraphs 6 and 7 as follows:

  2. ...If the value of the expression is negative, the behavior is undefined. [Example: given the definition int n = 42, new float[n][5] is well-formed (because n is the expression of a noptr-new-declarator), but new float[5][n] is ill-formed (because n is not a constant expression). If n is negative, the effect of new float[n][5] is undefined.end example]

    When the value of the expression in a noptr-new-declarator is zero, the allocation function is called to allocate an array with no elements. If the value of that expression is less than zero or such that the size of the allocated object would exceed the implementation-defined limit, no storage is obtained and the new-expression terminates by throwing an exception of a type that would match a handler (14.4 [except.handle]) of type std::bad_array_new_length (17.6.4.2 [new.badlength]).

  3. Change 17.6.4.2 [new.badlength] paragraph 1 as follows:

  4. The class bad_array_new_length defines the type of objects thrown as exceptions by the implementation to report an attempt to allocate an array of size less than zero or greater than an implementation-defined limit (7.6.2.8 [expr.new]).
Date: 2010-03-23.00:00:00

Recent changes have added the requirement (7.6.2.8 [expr.new] paragraph 7),

If the value of that expression is such that the size of the allocated object would exceed the implementation-defined limit, no storage is obtained and the new-expression terminates by throwing an exception of a type that would match a handler (14.4 [except.handle]) of type std::bad_array_new_length (17.6.4.2 [new.badlength]).

Given this checking, is there any current reason for the statement in the preceding paragraph,

If the value of the expression is negative, the behavior is undefined.

Presumably for most negative expressions on most platforms, a negative value would result in a too-large request anyway, and even if not the check could easily be expanded to look explicitly for a negative value in addition to a too-large request.

History
Date User Action Args
2014-03-03 00:00:00adminsetstatus: fdis -> c++11
2011-04-10 00:00:00adminsetstatus: dr -> fdis
2010-11-29 00:00:00adminsetmessages: + msg3158
2010-11-29 00:00:00adminsetstatus: tentatively ready -> dr
2010-10-18 00:00:00adminsetmessages: + msg2978
2010-10-18 00:00:00adminsetstatus: drafting -> tentatively ready
2010-08-23 00:00:00adminsetstatus: open -> drafting
2010-03-23 00:00:00admincreate