A serious security bug... caused by no bounds checking.

Steven Schveighoffer schveiguy at yahoo.com
Thu Apr 10 13:09:54 PDT 2014


On Thu, 10 Apr 2014 16:06:28 -0400, Timon Gehr <timon.gehr at gmx.ch> wrote:

> On 04/10/2014 07:37 PM, Steven Schveighoffer wrote:
>>>
>>
>> That's why we have @trusted. @safe is a special situation, it's not made
>> for optimization, and should be immune to those attempts in deference to
>> safety.
>>
>> -Steve
>
> @safe will often be inferred.

A good point. But in this case, the compiler is able to compile 2  
versions, one for when @safe is required, one for when it's not. But this  
is only in certain circumstances (global bounds checking is not on, the  
function is not inlined, code which causes bounds checking is present,  
etc.)

-Steve

