Safe code as an I/O requirement
Ola Fosheim Grostad via Digitalmars-d
digitalmars-d at puremagic.com
Sun May 28 10:40:06 PDT 2017
On Sunday, 28 May 2017 at 16:58:53 UTC, aberba wrote:
> https://lwn.net/Articles/708196/
>
> From the look of things and feedback from several security
> analysts and system developers, [exposed] I/O needs to be
> memory safe.
>
> GStreamer multimedia library developed in C has safety issues
> [see article]. What would its safety be if it was written in D
> (along with its plugins)?
It consists of many libraries. Audio-video decoders tend to be
selected based on performance so no bounds checks. You can
usually do it in a safe manner, but then you either need to adapt
all the algorithms or prove correctness. Both alternatives are
expensive. So really, sandboxing sounds like a more realistic
alternative for an open source media player that aims to support
all formats using third-party codecs...