[Issue 14125] @trusted nested helper functions in std.file

via Digitalmars-d-bugs digitalmars-d-bugs at puremagic.com
Wed Feb 4 18:59:00 PST 2015


https://issues.dlang.org/show_bug.cgi?id=14125

--- Comment #46 from Walter Bright <bugzilla at digitalmars.com> ---
I was a bit curious where these misunderstandings came from. Turns out, 
example code for C# 'unsafe' code presents not only unsafe code, but an unsafe
interface:

https://msdn.microsoft.com/en-us/library/aa288474(v=vs.71).aspx#vcwlkunsafecode_readfileexample

      public unsafe int Read(byte[] buffer, int index, int count) 
      {
            int n = 0;
            fixed (byte* p = buffer) 
            {
                  if (!ReadFile(handle, p + index, count, &n, 0))
                        return 0;
            }
            return n;
      }

Note that there's no guarantee that index is within the length of buffer[]. The
poor sot cannot simply review Read(), he's got to review EVERY SINGLE CALLER of
read(). Since this is taught as correct usage of 'unsafe', it's something we're
going to have to regularly auger against.

--
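Added example, not part of the comment above or of the MSDN sample it quotes: the same `Read()` with the arguments validated before any pointer arithmetic, so the method can be reviewed on its own rather than through every caller. The `FileReader` class name, its constructor and the P/Invoke declaration are assumptions made so the block stands alone; it targets Windows and needs unsafe code enabled at compile time.

```csharp
using System;
using System.Runtime.InteropServices;

class FileReader
{
    // Assumption: a valid Win32 file handle, opened and owned by the caller.
    private readonly IntPtr handle;

    public FileReader(IntPtr handle)
    {
        this.handle = handle;
    }

    [DllImport("kernel32", SetLastError = true)]
    private static extern unsafe bool ReadFile(
        IntPtr hFile, void* pBuffer, int numberOfBytesToRead,
        int* pNumberOfBytesRead, IntPtr overlapped);

    // Safe interface around unsafe code: every (buffer, index, count)
    // combination is either rejected or stays inside buffer[].
    public unsafe int Read(byte[] buffer, int index, int count)
    {
        if (buffer == null)
            throw new ArgumentNullException(nameof(buffer));
        if (index < 0 || index > buffer.Length)
            throw new ArgumentOutOfRangeException(nameof(index));
        // Written as a subtraction so that index + count cannot overflow int.
        if (count < 0 || count > buffer.Length - index)
            throw new ArgumentOutOfRangeException(nameof(count));
        if (count == 0)
            return 0; // also avoids pinning an empty array, which yields a null pointer

        int n = 0;
        fixed (byte* p = buffer)
        {
            // p + index .. p + index + count is now known to lie within buffer[].
            if (!ReadFile(handle, p + index, count, &n, IntPtr.Zero))
                return 0;
        }
        return n;
    }
}
```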

