A serious security bug... caused by no bounds checking.
Steven Schveighoffer
schveiguy at yahoo.com
Thu Apr 10 10:37:53 PDT 2014
On Thu, 10 Apr 2014 13:25:25 -0400, bearophile <bearophileHUGS at lycos.com>
wrote:
> Steven Schveighoffer:
>
>> No, the author of the @safe code expects bounds checking, it's part of
>> the requirements.
>
> Take a look at Ada language. It has bounds checking and its compilers
> have a switch to disable those checks. If you want the bounds checking
> don't use the switch that disables the bounds checking. Safety doesn't
> mean to have no way to work around safety locks. It means have nice
> handy locks that are active on default. In a system language total
> safety is an illusion. Better to focus on real world safety and not an
> illusion of theoretical safety.
That's why we have @trusted. @safe is a special situation, it's not made
for optimization, and should be immune to those attempts in deference to
safety.
-Steve