Bad array indexing is considered deadly

cym13 via Digitalmars-d digitalmars-d at puremagic.com
Thu Jun 1 15:09:36 PDT 2017


On Thursday, 1 June 2017 at 19:04:19 UTC, H. S. Teoh wrote:
> I like Spolsky's idea of using separate types for tainted / 
> verified input. Let the compiler statically verify that you at 
> least made an attempt at validating your program's inputs 
> (though obviously it can only go so far -- the compiler can't 
> guarantee that your validation code is actually correct).  The 
> problem, though, is that D currently doesn't have tainted 
> types, so for example you can't tell at a glance whether a 
> given string is untrusted user input or validated data, it's 
> all just `string`.  I wonder if tainted types could be 
> something worth adding either to the language or to Phobos.

I'm not familiar with the idea; do we need more than the 
following?

import std.stdio;

// Generic wrapper over any base type T; `alias this` lets the wrapper
// be used wherever the base type is expected.
struct Tainted(T) {
     T _basetype;
     alias _basetype this;
}

void main(string[] args) {
     auto ts = Tainted!string("Hello");
     writeln(ts);   // forwards to the wrapped string via alias this
}

It's a PoC, OK, but it lets you use ts like any variable of the 
base type; it lets you convert one easily to the other, but this 
conversion has to be explicit. So, real question, what more do we 
need?
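Added example (mine, not code from cym13's post or from Phobos): one way to make the tainted/verified split something the compiler actually enforces. The wrapper below drops `alias this`, so a `Tainted!string` cannot be passed where a `string` is expected; the only way out is through `validate`, which is the one place the raw value is inspected. The `isSafeUsername` policy and the sink `greeting` are hypothetical stand-ins, and the code assumes the wrappers live in their own module (D's `private` is module-scoped, so that is what keeps other code from constructing a `Trusted!T` directly).

```d
import std.stdio : writeln;
import std.algorithm.searching : all;
import std.ascii : isAlphaNum;
import std.typecons : Nullable, nullable;

/// Untrusted input. There is deliberately no `alias value this`, so a
/// Tainted!string is not usable as a plain string anywhere.
struct Tainted(T)
{
    private T value;
}

/// Mark a value as untrusted at the point where it enters the program.
Tainted!T taint(T)(T v)
{
    return Tainted!T(v);
}

/// Validated input. Assumption: this struct and `validate` sit in their own
/// module, so the private field makes `validate` the only constructor path
/// available to the rest of the program.
struct Trusted(T)
{
    private T value;
    T get() const { return value; }
}

/// The single point where the raw untrusted value is looked at. Yields a
/// Trusted!T only if `pred` accepts the value; otherwise an empty Nullable.
Nullable!(Trusted!T) validate(alias pred, T)(Tainted!T t)
{
    if (pred(t.value))
        return nullable(Trusted!T(t.value));
    return Nullable!(Trusted!T).init;
}

/// A sink that must never see raw input: it accepts only Trusted!string.
string greeting(Trusted!string name)
{
    return "Hello, " ~ name.get ~ "!";
}

/// Hypothetical policy for a username: non-empty, short, ASCII alphanumerics.
bool isSafeUsername(string s)
{
    return s.length > 0 && s.length <= 32 && s.all!isAlphaNum;
}

void main()
{
    // Constructed sample inputs standing in for command-line arguments.
    auto good = taint("alice");
    auto bad  = taint("alice; rm -rf /");

    // The boundary is checked at compile time: neither a Tainted!string nor
    // a bare string literal is accepted where a Trusted!string is required.
    static assert(!__traits(compiles, greeting(good)));
    static assert(!__traits(compiles, greeting("alice")));

    auto g = good.validate!isSafeUsername;
    auto b = bad.validate!isSafeUsername;
    assert(!g.isNull);
    assert(b.isNull);

    writeln(greeting(g.get));
    if (b.isNull)
        writeln("rejected: input failed isSafeUsername");
}
```

The compiler can only confirm that some validator ran, not that the validator is right (the point H. S. Teoh makes above); what this buys is that forgetting to validate, or passing raw input straight to a sink, becomes a compile error instead of a code-review finding.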

