A serious security bug... caused by no bounds checking.

Brad Anderson eco at gnuk.net
Tue Apr 8 14:15:55 PDT 2014


On Tuesday, 8 April 2014 at 20:50:35 UTC, Steven Schveighoffer 
wrote:
> On Tue, 08 Apr 2014 16:07:53 -0400, Brad Anderson 
> <eco at gnuk.net> wrote:
>
>> On Tuesday, 8 April 2014 at 19:47:02 UTC, Andrei Alexandrescu 
>> wrote:
>>> On 4/8/14, 1:47 AM, Paulo Pinto wrote:
>>>> I too am glad to see bounds checking in D by default.
>>>
>>> For the record, dmd used to remove bounds checking in 
>>> -release mode. I've asked Walter to add a new flag for that, 
>>> independent from -release, thus keeping release builds safer. 
>>> It was the first and last time when I used "if you don't do 
>>> this, I can't work on D anymore" card. True story.
>>>
>>>
>>> Andrei
>>
>> There is a lot of confusion about this so I looked into it.
>>
>> dmd still removes bounds checking in non-@safe code when you 
>> specify -release. -noboundscheck just causes it to remove 
>> bounds checking in @safe code too. This is why I think it 
>> should be renamed -nosafeboundschecking or something similar.
>
> This does not sound correct. In NO case should you be able to 
> remove bounds checking in @safe code.
>
> -Steve

Then we have a bug because that's how it works currently.

https://github.com/D-Programming-Language/dmd/blob/a3743bc645fc065104470cdecbd64e3f14034fdf/src/irstate.c#L193

Reminder of the magic numbers' meanings:
- 2 is the default[1]
- 1 if -release is specified[2]
- 0 if -noboundscheck is specified[3].

1. https://github.com/D-Programming-Language/dmd/blob/404bbbd1543b045d32166a4462b4bf1f271fbe7c/src/mars.c#L567
2. https://github.com/D-Programming-Language/dmd/blob/404bbbd1543b045d32166a4462b4bf1f271fbe7c/src/mars.c#L1144
3. https://github.com/D-Programming-Language/dmd/blob/404bbbd1543b045d32166a4462b4bf1f271fbe7c/src/mars.c#L1148
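An added example to make the flag behaviour described in the post observable; it is not code from the post, the thread, or dmd itself. It assumes only what the message states: that the default keeps bounds checks everywhere, that -release keeps them in @safe code but drops them in @system code, and that -noboundscheck drops them in both. The function names readSafe, readSystem and probe are chosen here for illustration.

```d
// Added example, not code from the post or from dmd: two probes that
// index past the end of an array, one in @safe code and one in @system
// code, so the effect of -release and -noboundscheck on each can be
// seen by building the same program under each flag.
import core.exception : RangeError;
import std.conv : to;
import std.stdio : writeln;

// Four elements; any index >= 4 is out of bounds.
immutable int[4] data = [1, 2, 3, 4];

// @safe read: per the thread, the check survives -release and is only
// removed by -noboundscheck.
int readSafe(size_t i) @safe
{
    return data[i];
}

// @system read: per the thread, -release alone already drops the check.
int readSystem(size_t i) @system
{
    return data[i];
}

// Run one probe with a runtime index and report whether the bounds
// check fired. When the check has been compiled out, the read past the
// end is undefined behaviour; it exists here only to make the flag's
// effect visible, never as something to rely on.
string probe(alias read)(string label, size_t i) @system
{
    try
    {
        int v = read(i);
        return label ~ ": no bounds check (read value " ~ v.to!string ~ ")";
    }
    catch (RangeError)
    {
        return label ~ ": bounds check fired";
    }
}

void main(string[] args)
{
    // The index is taken at runtime (default 8) so the compiler cannot
    // reject the out-of-range access at compile time.
    size_t i = args.length > 1 ? args[1].to!size_t : 8;
    writeln(probe!readSafe("@safe   data[" ~ i.to!string ~ "]", i));
    writeln(probe!readSystem("@system data[" ~ i.to!string ~ "]", i));
}
```

Build the same file three times, `dmd probe.d`, `dmd -release probe.d` and `dmd -noboundscheck probe.d`, and run each binary. If the post's reading of irstate.c is right, the first build reports the check firing for both probes, the second only for the @safe one, and the third for neither. The practical caveat for anyone auditing a D build is therefore that "-release" on its own is not "all bounds checks removed": @system code loses them, @safe code keeps them, and only -noboundscheck (spelled -boundscheck=off in later dmd releases) strips them from @safe code too.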


More information about the Digitalmars-d mailing list