[Issue 15702] New: std.socket.Socket.receive breaks @safe
via Digitalmars-d-bugs
digitalmars-d-bugs at puremagic.com
Thu Feb 18 08:08:15 PST 2016
https://issues.dlang.org/show_bug.cgi?id=15702
Issue ID: 15702
Summary: std.socket.Socket.receive breaks @safe
Product: D
Version: D2
Hardware: x86_64
OS: Linux
Status: NEW
Severity: major
Priority: P1
Component: phobos
Assignee: nobody at puremagic.com
Reporter: hsteoh at quickfur.ath.cx
std.socket.Socket.receive is marked @trusted; however, this is unjustified,
because it receives a void[] as buffer and overwrites the buffer with incoming
socket data. If the buffer is an array of elements with indirection, this will
break @safe-ty:
----
import std.socket;

void main() @safe {
    Socket sock = ...;
    Object[] buf = new Object[1];
    // This overwrites the Object ptr with arbitrary data:
    sock.receive(buf, SocketFlags.init);
}
----
This raises the question of whether *any* function that takes in a non-const
void[] can reasonably be marked @trusted, since the original type of the array
has been erased and the function has no way to guarantee that writing to the
void[] won't overwrite pointers with illegal values.
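One way a library can keep a `void[]`-taking primitive usable from `@safe` code is to wrap it in a template whose constraint rejects element types with indirections, so the kernel's bytes can never land on a pointer. The following is an added example written for this note, not code from the bug report or from Phobos; `receiveSafe` and `readTag` are hypothetical names, and the socket pair plus the "ping" payload are constructed test input.

```d
import std.socket;
import std.string : representation;
import std.traits : hasIndirections;

/// Hypothetical wrapper: receive into a typed buffer, but only for element
/// types that contain no pointers. The @trusted is justified by the template
/// constraint, not by the body, which is what plain Socket.receive lacks.
ptrdiff_t receiveSafe(T)(Socket sock, T[] buf, SocketFlags flags = SocketFlags.NONE) @trusted
    if (!hasIndirections!T)
{
    // T[] converts to void[]; any T that could hold a pointer was rejected above.
    return sock.receive(buf, flags);
}

/// @safe caller: allowed because ubyte has no indirections.
ptrdiff_t readTag(Socket sock, ubyte[] buf) @safe
{
    return receiveSafe(sock, buf);
}

void main()
{
    // Two connected sockets, no network involved (constructed test setup).
    auto pair = socketPair();
    scope (exit) { pair[0].close(); pair[1].close(); }

    pair[0].send("ping");
    ubyte[] raw = new ubyte[16];
    auto n = readTag(pair[1], raw);
    assert(n == 4 && raw[0 .. n] == "ping".representation);

    // Object[] carries pointers, so the constraint refuses it at compile time.
    static assert(!__traits(compiles, receiveSafe(pair[1], new Object[1])));
    // A struct with a pointer field is refused the same way.
    static struct WithPtr { int* p; }
    static assert(!__traits(compiles, receiveSafe(pair[1], new WithPtr[1])));
}
```

The point of the check is that the type is inspected before erasure to `void[]`; once the caller has handed over a `void[]`, the callee cannot recover whether the original elements held pointers, which is exactly why the bare `@trusted` on `receive` is not justified.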