Why does nobody seem to think that `null` is a serious problem in D?
Tony
tonytdominguez at aol.com
Mon Dec 3 03:09:16 UTC 2018
On Saturday, 1 December 2018 at 19:02:54 UTC, H. S. Teoh wrote:
>
> But that's precisely the problem. It's not always possible to
> tell whether a variable has been initialized. E.g.:
To me, the possibility of a "false positive" doesn't preclude the
use of a warning unless that possibility is large. Besides using
a compiler option or pragma to get rid of it, the warning also
goes away if you assign NULL or (X *) 0. Surprisingly, clang (gcc
6.3 does not give the warning) is not smart enough to then issue
a "possibly dereferencing null pointer" warning.
>
> Therefore, leaving it up to the compiler to detect
> uninitialized variables is unreliable, and therefore any code
> that depends on this cannot be trusted. Code like the above
> could be exploited by a sufficiently sophisticated hack to make
> the uninitialized value of p coincide with something that will
> open a security hole, and the compiler would not be able to
> reliably warn the programmer of this problem.
I don't know that "leaving it up to the compiler" is a correct
characterization. I don't see the programmer doing anything
different with the warning capability in the compiler than if it
wasn't there. In either case, the programmer will attempt to
supply values to all the variables they have declared and are
intending to use, and in the correct order.
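The point made above (assigning NULL silences the "may be used uninitialized" warning without producing any "possibly dereferencing null pointer" warning) in a small C example; this is added illustration, not code from the thread, and the lookup table is constructed for it:

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed lookup table for the example (not from the thread). */
struct entry { const char *name; int value; };
static const struct entry TABLE[] = { {"alpha", 1}, {"beta", 2} };
#define TABLE_LEN (sizeof TABLE / sizeof TABLE[0])

/* The pattern under discussion: p is initialised to NULL only to
   silence the "may be used uninitialized" warning.  That makes the
   bug deterministic (a null dereference on the not-found path), yet
   the compiler still emits no "possibly dereferencing null" warning. */
int value_unchecked(const char *name) {
    const struct entry *p = NULL;          /* silences the warning ... */
    for (size_t i = 0; i < TABLE_LEN; i++)
        if (strcmp(TABLE[i].name, name) == 0)
            p = &TABLE[i];
    return p->value;                       /* ... but crashes when not found */
}

/* Hardened form: the not-found case is an explicit, tested outcome,
   so correctness no longer depends on compiler flow analysis. */
int value_checked(const char *name, int fallback) {
    const struct entry *p = NULL;
    for (size_t i = 0; i < TABLE_LEN; i++)
        if (strcmp(TABLE[i].name, name) == 0)
            p = &TABLE[i];
    if (p == NULL)
        return fallback;
    return p->value;
}

int main(void) {
    printf("%d\n", value_checked("beta", -1));   /* 2 */
    printf("%d\n", value_checked("gamma", -1));  /* -1 */
    return 0;
}
```

Compiling with `-Wall` (clang or gcc) reports nothing for either function; only the explicit check in `value_checked` turns the missing-entry case from a crash into a handled result.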