Why is modifying a string through a retrieved pointer to its data not allowed?

by

Why can’t we write directly to this buffer?

I’ll state the obvious point: because it’s const. And casting away a const value and then modifying that data is… rude.

Now, why is it const? That goes back to the days when copy-on-write was considered a good idea, so std::basic_string had to allow implementations to support it. It would be very useful to get an immutable pointer to the string (for passing to C-APIs, for example) without incurring the overhead of a copy. So c_str needed to return a const pointer.

As for why it’s still const? Well… that goes to an oddball thing in the standard: the null terminator.

This is legitimate code:

std::string stupid;
const char *pointless = stupid.c_str();

pointless must be a NUL-terminated string. Specifically, it must be a pointer to a NUL character. So where does the NUL character come from? There are a couple of ways for a std::string implementation to allow this to work:

  1. Use small-string optimization, which is a common technique. In this scheme, every std::string implementation has an internal buffer it can use for a single NUL character.
  2. Return a pointer to static memory, containing a NUL character. Therefore, every std::string implementation will return the same pointer if it’s an empty string.

Everyone shouldn’t be forced to implement SSO. So the standards committee needed a way to keep #2 on the table. And part of that is giving you a const string from c_str(). And since this memory is likely real const, not fake “Please don’t modify this memory const,” giving you a mutable pointer to it is a bad idea.

Of course, you can still get such a pointer by doing &str[0], but the standard is very clear that modifying the NUL terminator is a bad idea.

Now, that being said, it is perfectly valid to modify the &str[0] pointer, and the array of characters therein. So long as you stay in the half-open range [0, str.size()). You just can’t do it through the pointer returned by data or c_str. Yes, even though the standard in fact requires str.c_str() == &str[0] to be true.

That’s standardese for you.

More Related Contents:

  1. Is writing to &str[0] buffer (of a std:string) well-defined behaviour in C++11?
  2. Will std::string always be null-terminated in C++11?
  3. C++11 introduced a standardized memory model. What does it mean? And how is it going to affect C++ programming?
  4. Converting std::__cxx11::string to std::string
  5. reinterpret_cast creating a trivially default-constructible object
  6. What exactly is the “immediate context” mentioned in the C++11 Standard for which SFINAE applies?
  7. Is it a conforming compiler extension to treat non-constexpr standard library functions as constexpr?
  8. How to return a std::string.c_str()
  9. When is a private constructor not a private constructor?
  10. Matching alias template as template argument
  11. Lambda capture and parameter with same name – who shadows the other? (clang vs gcc)
  12. Is std::abs(0u) ill-formed?
  13. Why does the standard differentiate between direct-list-initialization and copy-list-initialization?
  14. So why is i = ++i + 1 well-defined in C++11?
  15. C++: Can a macro expand “abc” into ‘a’, ‘b’, ‘c’?
  16. When do extra parentheses have an effect, other than on operator precedence?
  17. std::fstream buffering vs manual buffering (why 10x gain with manual buffering)?
  18. What is the difference between C++03 `throw()` specifier and C++11 `noexcept`?
  19. Is a constexpr array necessarily odr-used when subscripted?
  20. Legal to overwrite std::string’s null terminator?
  21. In which versions of the C++ standard does “(i+=10)+=10” have undefined behaviour?
  22. Calling an explicit constructor with a braced-init list: ambiguous or not?
  23. Can we apply content not explicitly cited from the normative references to the C++ standard?
  24. Calling delete on NULL pointers – C++03 vs C++11
  25. std::tuple memory alignment
  26. Rvalues, lvalues and formal definitions
  27. C++ Passing std::string by reference to function in dll
  28. Concatenate compile-time strings in a template at compile time?
  29. What is use of the ref-qualifier `const &&`?
  30. Overload resolution with ref-qualifiers

Leave a Comment