Placement syntax: Difference between revisions

I started a section on Security of placement new expression. Added a couple of citations on the same.
m Updated the section on security and corrected a date error on [16] citation
</syntaxhighlight>
 
This is why the ''pointer placement'' delete functions are defined as no-operations by the Standard C++ library. Since the pointer placement new functions do not allocate any storage, there is no storage to be deallocated in the event of the object's constructor throwing an exception.<ref name=SolterKleper2005 />
 
If no matching placement delete function exists, no deallocation function is called in the event of an exception being thrown by a constructor within a placement <code>new</code> expression. There are also some (older) C++ implementations that do not support placement delete (which, like the exception-throwing allocator functions, were an addition made to C++ when it was standardized) at all. In both such situations, an exception being thrown by a constructor when allocating using a custom allocator will result in a memory leak. (In the case of the older C++ implementations, a memory leak will also occur with ''non-''placement <code>new</code> expressions.)<ref name=Meyers1998 /><ref name=Anderson1998b />
 
== Security ==
Placement new expressions are vulnerable to security exploits. In 2011, Kundu and Bertino<ref name=":0">{{Cite journal|last=Kundu|first=Ashish|last2=Bertino|first2=Elisa|date=2011-06|title=A New Class of Buffer Overflow Attacks|url=https://ieeexplore.ieee.org/document/5961725|journal=2011 31st International Conference on Distributed Computing Systems|volume=|pages=730–739|doi=10.1109/ICDCS.2011.63|via=IEEE}}</ref> demonstrated some of the exploits on placement new. The attacks include buffer overflows, object overflows, selective stackguard overriding, virtual pointer subterfuge, and memory misalignment attacks. In 2015, GCC released a patch<ref>{{Cite web|title=Martin Sebor - [PING] [PATCH] c++/67942 - diagnose placement new buffer overflow|url=https://gcc.gnu.org/legacy-ml/gcc-patches/2015-10/msg02001.html|access-date=2020-06-15|website=gcc.gnu.org}}</ref> based on the findings of Kundu and Bertino.<ref name=":0" /> Placement delete expressions can be exploited by means other than enforcing a memory leak.
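The following added example (not taken from the article, the cited paper or the GCC patch) shows a run-time guard against two of the attack classes listed above, buffer overflow and memory misalignment, by checking size and alignment before a placement <code>new</code> expression runs. The names <code>checked_placement_new</code>, <code>try_place</code>, <code>Small</code>, <code>Large</code> and <code>pool</code> are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <new>
#include <stdexcept>
#include <utility>

// Hypothetical helper: construct a T in caller-supplied storage only if the
// storage is large enough and suitably aligned for T.
template <typename T, typename... Args>
T* checked_placement_new(void* buf, std::size_t buf_size, Args&&... args) {
    if (buf_size < sizeof(T))
        throw std::length_error("buffer smaller than object");
    if (reinterpret_cast<std::uintptr_t>(buf) % alignof(T) != 0)
        throw std::invalid_argument("buffer misaligned for object");
    return ::new (buf) T(std::forward<Args>(args)...);
}

struct Small { char name[8]; };
struct Large { char name[8]; std::uint64_t id; char extra[16]; };  // larger than Small

enum class Result { Ok, TooSmall, Misaligned };

// Attempts the construction and reports which check, if any, rejected it.
template <typename T>
Result try_place(void* buf, std::size_t size) {
    try {
        T* obj = checked_placement_new<T>(buf, size);
        obj->~T();  // placement new needs an explicit destructor call
        return Result::Ok;
    } catch (const std::length_error&) {
        return Result::TooSmall;
    } catch (const std::invalid_argument&) {
        return Result::Misaligned;
    }
}

// Constructed sample storage, aligned for Large, with one spare byte.
alignas(Large) static unsigned char pool[sizeof(Large) + 1];

// A slot sized for Small cannot hold a Large: unchecked, this overflows.
Result place_large_in_small_slot() { return try_place<Large>(pool, sizeof(Small)); }
// An odd offset breaks the 8-byte alignment that Large requires.
Result place_large_at_odd_offset() { return try_place<Large>(pool + 1, sizeof(Large)); }
Result place_large_in_full_slot()  { return try_place<Large>(pool, sizeof(Large)); }

int main() {
    return place_large_in_small_slot() == Result::TooSmall &&
           place_large_at_odd_offset() == Result::Misaligned &&
           place_large_in_full_slot() == Result::Ok ? 0 : 1;
}
```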
 
== Notes ==