A serious security bug... caused by no bounds checking.
Steven Schveighoffer
schveiguy at yahoo.com
Thu Apr 10 11:13:30 PDT 2014
On Thu, 10 Apr 2014 14:08:48 -0400, Tommi <tommitissari at hotmail.com> wrote:
> On Thursday, 10 April 2014 at 17:56:04 UTC, Steven Schveighoffer wrote:
>> @safe code can be marked as @trusted instead, and nothing changes,
>> except @trusted code can have bounds checks removed. How does this not
>> work as a solution?
>
> A compiler flag for disabling bounds checking is a blunt instrument. But
> using search & replace to change each @safe to @trusted is a blunt _and_
> inconvenient instrument.
So don't use it bluntly. For example, disabling bounds checks on the args
array in main will not help your performance.
As a general rule, first profile, then optimize.
-Steve
More information about the Digitalmars-d
mailing list