Checking function parameters in Phobos
Jacob Carlborg
doob at me.com
Wed Nov 20 05:54:05 PST 2013
On 2013-11-20 13:22, Marco Leise wrote:
> None of that is feasible. We can only hope that we simply
> catch every case of user input (or untrusted data) and check
> it before passing it to Phobos APIs. That's why there are
> functions to validate and also to sanitize UTF strings on a
> best effort basis in Phobos.
>
> So in my opinion Phobos should continue forward with assert
> instead of enforce. I/O functions, of course, have to use
> exceptions.
>
> That said, I never thought of validating args[] before passing
> it to getopt or using them as a filename. Lesson learned, I
> guess?
I don't know how getopt behaves but using them as a filename will most
likely end up calling a system function, which will hopefully take care
of the checking.
--
/Jacob Carlborg
More information about the Digitalmars-d
mailing list