Buffer overrun with STL vector

Question

I am copying the contents of one STL vector to another. The program is something like this

std::vector<uint_8>  l_destVector(100); //Just for illustration let us take the size as 100.
std::vector<uint_8>  l_sourceVector; //Let us assume that source vector is already populated.

memcpy( l_destVector.data(), l_sourceVector.data(), l_sourceVector.size() );

The above example is pretty simplistic but in my actual code the size of destination vector is dynamically calculated. Also the source vector is getting populated dynamically making it possible to have different length of data. Hence it increases the chance of buffer overrun.

The problem I faced is my program is not crashing at the point of memcpy when there is a buffer overrun but sometime later making it hard to debug.

How do we explain this behavior?

/******************************************************************************************************/ Based on the responses I am editing the question to make my concern more understandable.

So, this is a legacy code and there are lot of places where vector has been copied using memcpy, and we do not intend to change the existing code. My main concern here is "Should memcpy not guarantee immediate crash, if not why ?" , I would honestly admit that this is not very well written code.

A brief illustration of actual use is as follows.

In the below method, i_DDRSPDBuffer and i_dataDQBuffer where generated based on some logic in the calling method.

o_dataBuffer was assigned a memory space that would have been sufficient to take the data from two input buffers, but some recent changes in method that calls updateSPDDataToRecordPerDimm, is causing overrun in one of the flows.

typedef std::vector<uint8_t> DataBufferHndl;
errHdl_t updateSPDDataToRecordPerDimm(
        dimmContainerIterator_t i_spdMmap,
        const DataBufferHndl & i_DDRSPDBuffer,
        const DataBufferHndl & i_dataDQBuffer,
        DataBufferHndl & o_dataBuffer) 

{

uint16_t l_dimmSPDBytes = (*i_spdMmap).second.dimmSpdBytes;

// Get the Data Buffer Handle for the input and output vectors
uint8_t * l_pOutLDimmSPDData = o_dataBuffer.data();
const uint8_t * l_pInDDRSPDData = i_DDRSPDBuffer.data();
const uint8_t * l_pInDQData = i_dataDQBuffer.data();


memcpy(l_pOutLDimmSPDData, l_pInDDRSPDData, l_dimmSPDBytes);
memcpy(l_pOutLDimmSPDData + l_dimmSPDBytes,
    l_pInDQData, LDIMM_DQ_DATA_BYTES);

memcpy(l_pOutLDimmSPDData ,
       l_pInDQData, LDIMM_DQ_DATA_BYTES); ====> Expecting the crash here but the crash happens some where after the method updateSPDDataToRecordPerDimm returns.

}

Answer 1

It doesn't have to crash, it's undefined behaviour.

If you had used std::copy instead with std::vector<uint_8>::iterator s in debug mode, you probably would've hit an assertion which would've caught it.

Answer 2

It doesn't crash right at the moment of memcpy because you 'only' overwrite the memory behind the allocated vector. As long as your program does not read from that corrupt memory and use the data, your program will continue to run.

As already mentioned before, using memcpy is not the recommended way to copy the contents of stl containers. You'd be on the safe side with

std::copy std::vector::assign

And in both cases you'd also get the aforementioned iterator debugging which will trigger close to the point where the error actually is.

Answer 3

Do not do that! It will eventually bite you.

Use either std::copy and and output_iterator , or since you know the size of the destination, resize the vector to the correct size or create a vector of the correct size and pipe the contents straight in, or simply the assignment operator.