A serious security bug... caused by no bounds checking.

Meta jared771 at gmail.com
Fri Apr 11 08:45:39 PDT 2014


On Friday, 11 April 2014 at 15:43:16 UTC, Dicebot wrote:
> On Friday, 11 April 2014 at 15:15:21 UTC, Meta wrote:
>> Hasn't there been a proposal before to allow 
>> @system/@trusted/@safe blocks, allowing it to be a bit more 
>> granular than at the function level? Maybe:
>>
>> @trusted
>> {
>>    arr.ptr[index]
>> }
>>
>> Could be lowered to (() @trusted => arr.ptr[index]).
>
> I think it was rejected for the very reason that it gives 
> nothing over writing this:
>
> () @trusted
> {
>     arr.ptr[index];
> }();
>
> It has resulted in some changes by Kenji though that guarantee 
> that immediately-called delegate is always inlined. Hope those 
> were merged.

Besides the fact that it's incredibly ugly.


More information about the Digitalmars-d mailing list