A serious security bug... caused by no bounds checking.
Steven Schveighoffer
schveiguy at yahoo.com
Tue Apr 8 09:20:40 PDT 2014
On Tue, 08 Apr 2014 11:55:35 -0400, Paulo Pinto <pjmlp at progtools.org>
wrote:
> Am 08.04.2014 16:57, schrieb Steven Schveighoffer:
>> Note, you can disable bounds checking on an expression basis by
>> replacing this:
>>
>> arr[x]
>>
>> with this:
>>
>> arr.ptr[x]
>>
>> The only tricky part is if you have to slice, and you are using $:
>>
>> arr.ptr[x..$]
>>
>> doesn't work, you have to use:
>>
>> arr.ptr[x..arr.length]
>>
>
> Is that only allowed in @system?
Probably. Is that an issue? Disabling bounds-checking in @safe code is a
bad idea.
-Steve
More information about the Digitalmars-d
mailing list