C++ Sanitize string function

Question

I need to build my own sanitize function for the following chars:

', ", \, \n, \r, \0 and CTRL-Z

I want to make sure that the following code will do the trick with no side effects:

#include <iostream>
#include <string>
#include <memory>
#include <sstream>
#include <iomanip>
#include <algorithm>    

void sanitize (std::string &stringValue)
{
    stringValue.replace(stringValue.begin(), stringValue.end(), "\\", "\\\\");
    stringValue.replace(stringValue.begin(), stringValue.end(), "'", "\\'");
    stringValue.replace(stringValue.begin(), stringValue.end(), "\"", "\\\"");
    stringValue.replace(stringValue.begin(), stringValue.end(), "\n", "");
    stringValue.replace(stringValue.begin(), stringValue.end(), "\r", "");
    stringValue.replace(stringValue.begin(), stringValue.end(), "\0", "");
    stringValue.replace(stringValue.begin(), stringValue.end(), "\x1A", "");
}

int main()
{
    std::string stringValue = "This is a test string with 'special //characters\n";

    std::cout << stringValue << std::endl;

    sanitize(stringValue);

    std::cout << stringValue << std::endl;
}

This code is not working. Error:

    terminate called after throwing an instance of 'std::length_error'
  what():  basic_string::_M_replace
      1 
      1 This is a test string with 'special //characters

Original code here

Answer 1

See comment to my post as to why your replace calls are incorrect. "\\0" has another problem:

stringValue.replace(stringValue.begin(), stringValue.end(), "\0", "");

\\0 marks the end of a C string, so it will try to replace an empty string with an empty string. It seems you are removing \\n, \\r, \\0 and CTRL-Z , in which case you can use the erase-remove idiom instead for these:

void sanitize(std::string &stringValue)
{
    // Add backslashes.
    for (auto i = stringValue.begin();;) {
        auto const pos = std::find_if(
            i, stringValue.end(),
            [](char const c) { return '\\' == c || '\'' == c || '"' == c; }
        );
        if (pos == stringValue.end()) {
            break;
        }
        i = std::next(stringValue.insert(pos, '\\'), 2);
    }

    // Removes others.
    stringValue.erase(
        std::remove_if(
            stringValue.begin(), stringValue.end(), [](char const c) {
                return '\n' == c || '\r' == c || '\0' == c || '\x1A' == c;
            }
        ),
        stringValue.end()
    );
}

See it working here .