Bad array indexing is considered deadly
H. S. Teoh via Digitalmars-d
digitalmars-d at puremagic.com
Thu Jun 1 09:16:43 PDT 2017
On Thu, Jun 01, 2017 at 06:26:24AM -0400, Steven Schveighoffer via Digitalmars-d wrote:
[...]
> Of course, programming bugs cause all kinds of Errors and Exceptions
> alike. Environmental bugs can cause Array overflows.
>
> I can detail exactly what happened in my code -- I am accepting dates
> from a given week from a web request. One of the dates fell outside
> the week, and so tried to access a 7 element array with index 9.
> Nothing corrupted memory, but the runtime corrupted my entire process,
> forcing a shutdown.
[...]
Isn't this a case of failing to sanitize user input adequately before
using it for internal processing? And failing to test the code with
pathological data to ensure resilience before deploying to a live
server?
In this case, nothing worse happened than an out-of-bounds array index.
But we all know what *could* happen with unsanitized user input in other
cases...
T
--
Stop staring at me like that! It's offens... no, you'll hurt your eyes!
More information about the Digitalmars-d
mailing list