[OffTopic] A vulnerability postmortem on Network Security Services

Paul Backus snarwin at gmail.com
Sun Dec 5 21:53:36 UTC 2021


On Sunday, 5 December 2021 at 19:57:18 UTC, SealabJaster wrote:
> Honestly I'd go as far as saying no C code should be marked as 
> even @trusted by a human (even wrapper funcs). But that 
> unfortunately turns into a "D with C" (@safe + @"trusted") vs 
> "D with no C"(@safe only) kind of argument.

This is a step too far, I think. There are several functions 
which are guaranteed by the C standard to never invoke undefined 
behavior (e.g., getchar, rand, everything in <math.h>). Allowing 
functions like these to be marked as @trusted is completely 
legitimate.


More information about the Digitalmars-d mailing list