[OffTopic] A vulnerability postmortem on Network Security Services

Ola Fosheim Grøstad ola.fosheim.grostad at gmail.com
Mon Dec 6 02:09:51 UTC 2021

On Sunday, 5 December 2021 at 21:53:36 UTC, Paul Backus wrote:
>There are several functions
> which are guaranteed by the C standard to never invoke 
> undefined behavior (e.g., getchar, rand, everything in 
> <math.h>). Allowing functions like these to be marked as 
> @trusted is completely legitimate.

Most standalone functions and even syscalls can be made safe with 
a thin wrapper. The real challenge is a framework that presumes 
manual memory management. Difficult to deal with, maybe importC 
can enable some static analysis?

More information about the Digitalmars-d mailing list