[Issue 8471] std.stdio.readf should be @trusted
via Digitalmars-d-bugs
digitalmars-d-bugs at puremagic.com
Wed Jan 18 05:29:26 PST 2017
https://issues.dlang.org/show_bug.cgi?id=8471
--- Comment #6 from Jakub Łabaj <uaaabbjjkl at gmail.com> ---
Currently I see one way to break the safety, which is to not pass a real
pointer, but a structure with unary '*' overloaded:
@safe unittest
{
struct Unsafe
{
int* x;
ref int opUnary(string s)() if (s == "*")
{
int y;
// int* ptr = &y; // not @safe
return *x;
}
}
static int x;
static Unsafe unsafe;
unsafe.x = &x;
string text = "10";
formattedRead(text, "%d ", unsafe); // called by readf
assert(*unsafe.x == 10);
}
Probably I can't mess up assignment operator nor constructor, because only
builtin types are parsable (constrained by function unformatValue). So I think
making formattedRead / readf accepting only pointers to builtin types is a way
to make them @trusted.
--
More information about the Digitalmars-d-bugs
mailing list