Default arguments in function callbacks not taken into account when instantiating templates has huge security implications
Kenji Hara via Digitalmars-d
digitalmars-d at puremagic.com
Tue Apr 29 10:09:16 PDT 2014
This is a compiler bug.
When template parameter C is deduced from the call handler(safeCallback),
the default argument `= "hunter2"` should be stripped from the deduced
function pointer type.
Then, the call callback("John"); in the handler template function body should
always fail to compile, because void function(string, string) is not
callable using one string argument.
Kenji Hara
2014-04-29 19:38 GMT+09:00 Andrej Mitrovic via Digitalmars-d <
digitalmars-d at puremagic.com>:
> -----
> import std.traits;
> import std.stdio;
>
> void handler(C)(C callback)
> {
>     callback("John");
> }
>
> void main()
> {
>     auto safeCallback = (string user, string pass = "hunter2")
>     {
>         writefln("The password is: '%s'", pass);
>     };
>
>     handler(safeCallback);
>     someOtherFunc();
> }
>
> void someOtherFunc()
> {
>     auto hijackPassword = (string user, string pass)
>     {
>         writefln("Now I know your password: '%s'", pass);
>     };
>
>     handler(hijackPassword);
> }
> -----
>
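A defensive variant of the handler from the report, added here as an example and not code from the thread or from the D project: the template constraint checks the callback's declared parameter list, so a callback with a defaulted second parameter is rejected at compile time whatever the deduced type carries. The names `takesOneString` and `greet` are hypothetical; `isCallable` and `Parameters` come from `std.traits`.

```d
import std.stdio : writefln;
import std.traits : Parameters, isCallable;

// Hypothetical helper: true only when C is callable and its declared
// parameter list is exactly (string). The test is on parameter count and
// type, so default arguments play no part in it.
enum takesOneString(C) = isCallable!C
    && Parameters!C.length == 1
    && is(Parameters!C[0] == string);

// Same handler as in the report, with the signature requirement made
// explicit as a template constraint.
void handler(C)(C callback)
    if (takesOneString!C)
{
    callback("John");
}

void main()
{
    // Constructed callback with the one-parameter signature handler expects.
    auto greet = (string user) { writefln("Hello, %s", user); };
    handler(greet);

    // The callback from the report: two parameters, the second defaulted.
    auto safeCallback = (string user, string pass = "hunter2")
    {
        writefln("The password is: '%s'", pass);
    };

    // Two declared parameters, so the constraint does not match and the
    // call is a compile error instead of a silent use of the default.
    static assert(!__traits(compiles, handler(safeCallback)));
}
```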