A serious security bug... caused by no bounds checking.
Steven Schveighoffer
schveiguy at yahoo.com
Fri Apr 11 05:00:34 PDT 2014
On Fri, 11 Apr 2014 00:01:17 -0400, Tommi <tommitissari at hotmail.com> wrote:
> On Friday, 11 April 2014 at 00:52:25 UTC, Steven Schveighoffer wrote:
>> If @safe is just a convention, then I don't see the point of having it
>> at all. If it can't be a guarantee, then it's pretty much another tech
>> buzzword with no teeth.
>
> In order to have @safe be a guarantee of memory-safety, we need to
> prevent @safe code from calling any @trusted code.
Or manually guarantee the safety of @trusted code.
I should be able to write an application with only @safe functions, and
trust that phobos has implemented @trusted functions properly.
-Steve
More information about the Digitalmars-d
mailing list