String implementations

Janice Caron caron800 at googlemail.com
Mon Jan 21 00:17:54 PST 2008


On Jan 21, 2008 8:11 AM, Janice Caron <caron800 at googlemail.com> wrote:
> > But let's get more concrete:
> > suppose D code finds that an alleged char[] passed to it is, in
> > fact, broken (i.e., violates the UTF8 invariants).  What should
> > it do -- abort, throw an exception, offer a policy for handling
> > such bugs, other?
>
> It should, and does, throw an exception. Your program may catch the
> exception, but it should reject the input.

In fact, this goes to the heart of almost all modern security problems
(SQL injection, buffer overruns, etc.). The golden rule is that *ALL*
untrusted input must be sanitised. Every time you don't do that, you
provide an opportunity for hackers.

But at least in the case of UTF, it's easy - just let D validate it. If
it doesn't validate, throw it out.



More information about the Digitalmars-d mailing list
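
An added example, not part of the original post or of any project's code: one way to apply "validate it, or throw it out" at an input boundary in current D, using std.utf.validate, which throws UTFException on malformed UTF-8. The helper name acceptUntrusted and the sample byte strings are constructed for illustration.

```d
import std.stdio : writefln;
import std.utf : validate, UTFException;

/// Hypothetical boundary helper: returns the input as a string only if it
/// is well-formed UTF-8; otherwise the UTFException propagates to the caller.
string acceptUntrusted(const(ubyte)[] raw)
{
    auto text = cast(const(char)[]) raw; // reinterpret the bytes, no copy, not yet trusted
    validate(text);                      // throws UTFException if the bytes are not valid UTF-8
    return text.idup;                    // immutable copy handed to the rest of the program
}

void main()
{
    // Constructed sample inputs, one per class of byte sequence.
    ubyte[] ascii     = [0x68, 0x69];       // "hi"
    ubyte[] twoByte   = [0xC3, 0xA9];       // U+00E9, well-formed two-byte sequence
    ubyte[] overlong  = [0xC0, 0x80];       // overlong encoding of U+0000
    ubyte[] truncated = [0xE2, 0x82];       // three-byte sequence missing its last byte
    ubyte[] surrogate = [0xED, 0xA0, 0x80]; // encodes U+D800, a surrogate code point

    string[] labels = ["ascii", "two-byte", "overlong", "truncated", "surrogate"];
    ubyte[][] samples = [ascii, twoByte, overlong, truncated, surrogate];

    foreach (i, raw; samples)
    {
        try
        {
            auto ok = acceptUntrusted(raw);
            writefln("%-10s accepted (%s bytes)", labels[i], ok.length);
        }
        catch (UTFException e)
        {
            // Reject the input; nothing downstream ever sees the malformed bytes.
            writefln("%-10s rejected: %s", labels[i], e.msg);
        }
    }
}
```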