[Issue 19916] union member access should be un-@safe

d-bugmail at puremagic.com
Fri May 31 22:05:33 UTC 2019


https://issues.dlang.org/show_bug.cgi?id=19916

--- Comment #12 from Dennis <dkorpel at live.nl> ---
(In reply to Manu from comment #10)
> int x = void;
> array[x]; // boom

In @safe code that either accesses the array within bounds or gives a run-time
range violation. No memory corruption there.

> Accessing uninitialised int's (as above) is possibly the most accessible form of
> buffer overflow I can imagine.

It's not buffer overflow. It can only _lead_ to buffer overflow in @system or
poorly written @trusted code. In @safe code it's merely a logic bug.

If we're going to prevent any language aspect that commonly causes bugs, then
@safe should also disallow classic for-loops, unsigned numbers and
null-pointers. 

The goals and meaning of @safe are currently clear. Let's not change this by
subjectively disabling other things that only 'feel' unsafe but really aren't
with respect to memory corruption.
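The distinction drawn above, as an added illustration in D (not code from the bug report): the same out-of-range index is a bounds-checked range violation in @safe code, and only becomes an unchecked read through `.ptr` in @system code. The index value 7 is a constructed stand-in for the garbage an `int x = void;` might hold.

```d
// Added example, not from the bug report. Shows why an uninitialised index is a
// logic bug in @safe code but a memory-safety hazard only in @system code.

int readSafe(int[] arr, int idx) @safe
{
    // @safe keeps the bounds check even under -release (-boundscheck=safeonly):
    // an out-of-range idx throws core.exception.RangeError instead of reading memory.
    return arr[idx];
}

int readSystem(int[] arr, int idx) @system
{
    // .ptr indexing skips the bounds check entirely; an out-of-range idx reads
    // whatever lies past the array. This call does not compile from @safe code.
    return arr.ptr[idx];
}

void main()
{
    int[] arr = [10, 20, 30];
    int x = 7; // constructed stand-in for the garbage left by `int x = void;`

    try
    {
        readSafe(arr, x);
    }
    catch (Error e)
    {
        // "Range violation": the logic bug surfaces, but no memory is corrupted.
    }

    // readSystem(arr, x) compiles here because main() is @system by default;
    // it is exactly the access that @safe refuses to perform.
}
```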

--