@safe and null dereferencing
Moritz Maxeiner via Digitalmars-d
digitalmars-d at puremagic.com
Thu Jul 27 13:38:58 PDT 2017
On Thursday, 27 July 2017 at 20:09:46 UTC, Steven Schveighoffer
wrote:
>
> Well, let's not forget that the services should not be
> dereferencing null. It's still a bug in the code.
Of course, but statistically speaking, all software is buggy so
it's not an unreasonable assumption on the attacker's part that
there is at least one null dereference in complex server code
that will eventually trigger.
>
> It just may result in something other than a process exit.
Which is really bad for process supervision, because it'll likely
not detect a problem and not kill+respawn the service.
>
> I bet if you lowered that limit, you would cause all sorts of
> trouble, not just in D safe code. Imagine, any function that
> returns null specifically to mean an error, now may return it
> casually as the address of a valid item! You are going to screw
> up all checks for null!
Indeed, but atm I was only concerned about the implications for D
@safe code.