[OffTopic] A vulnerability postmortem on Network Security Services
Ola Fosheim Grøstad
ola.fosheim.grostad at gmail.com
Mon Dec 6 02:09:51 UTC 2021
On Sunday, 5 December 2021 at 21:53:36 UTC, Paul Backus wrote:
>There are several functions
> which are guaranteed by the C standard to never invoke
> undefined behavior (e.g., getchar, rand, everything in
> <math.h>). Allowing functions like these to be marked as
> @trusted is completely legitimate.
Most standalone functions and even syscalls can be made safe with
a thin wrapper. The real challenge is a framework that presumes
manual memory management. Difficult to deal with, maybe importC
can enable some static analysis?
More information about the Digitalmars-d