Overflow of C++ containers

Overview

Use this check to detect when you access a libc++ container beyond the region [container.begin(), container.end()], even when the accessed memory is in a heap-allocated buffer the container uses internally. Available in Xcode 7 and later.

Vector overflow in C++

In the following example, the vector variable has valid indexes in the range [0,2], but the accessed index is 3, which causes an overflow:

std::vector<int> vector;
vector.push_back(0);
vector.push_back(1);
vector.push_back(2);
auto *pointer = &vector[0];
return pointer[3]; // Error: out of bounds access for vector

Solution

Add a bounds check before attempting to access a container at a specific index.

Disabling Container Overflow Checks

You may encounter a false-positive ‘Container overflow’ error when code that isn’t compiled with Address Sanitizer modifies a container. For container overflow checks to work correctly, you need to compile all code with Address Sanitizer. If you can’t do this, turn off container overflow checks using one of the following methods:

Set the ASAN_OPTIONS Environment Variable

Set the ASAN_OPTIONS environment variable to detect_container_overflow=0, or append :detect_container_overflow=0 to this environment variable if it has already been set. You should do this under the Scheme for Run targets, or Configurations for Test Plans. Note that for UI tests you may need to set this in the XCUIApplication launchEnvironment.

Define the __asan_default_options function in your executable

Use this method when you can’t control your program’s environment variables. Disable container overflow checks by defining the following function in your executable:

#ifdef __cplusplus
extern "C" {
#endif
#include <sanitizer/asan_interface.h>

__attribute__((used, visibility("default"))) const char *__asan_default_options() {
    return "detect_container_overflow=0";
}
#ifdef __cplusplus
}
#endif

If you set the Exported Symbols File build setting, then also add ___asan_default_options to the file to ensure that the system exports the symbol.

If you set the detect_container_overflow option in both the __asan_default_options function, and the ASAN_OPTIONS environment variable, the system uses the value in the environment variable.

See Also

Address Sanitizer

• Use of deallocated memory
• Deallocation of deallocated memory
• Deallocation of nonallocated memory
• Use of stack memory after function return
• Use of out-of-scope stack memory
• Overflow and underflow of buffers