[Issue 19819] __FILE__ might emit personally identifiable information in release executable
d-bugmail at puremagic.com
d-bugmail at puremagic.com
Wed Apr 24 01:03:54 UTC 2019
https://issues.dlang.org/show_bug.cgi?id=19819
--- Comment #4 from Lionello Lunesu <lio+bugzilla at lunesu.com> ---
(In reply to Seb from comment #3)
> I am not sure how this could leak secure data. If you do a release build,
> you typically strip away all debug information anyhow and that includes
> __FILE__.
Any usage of __FILE__ becomes a string literal and ends up in release builds as
well. Which makes sense, but was a bit surprising to me.
> Do you have a concrete example on how this could be dangerous or is this
> just a general concern?
My second example shows how my username ended up in the executable, but it
could be all kinds of private information: the product name, or a customer
name.
--
More information about the Digitalmars-d-bugs
mailing list