Typical security issues in C++: why the GC isn't your enemy
RTM
riven at baryonides.ru
Mon Jan 23 16:56:48 UTC 2023
On Monday, 23 January 2023 at 16:31:01 UTC, Dom DiSc wrote:
>
> That's so because a whole trusted function is an abomination.
> Most of the time it should look more like this:
>
> ```d
> @safe fn()
> {
>     // lot of safe stuff
>
>     @trusted {
>         @assert(/*systemFunc is safe to be used with param1*/);
>         @assert(/*systemFunc is safe to be used with param2*/);
>         systemFunc(param1, param2);
>     }
>
>     // more safe stuff
>
> }
> ```
>
Should be:
```d
@safe fn()
{
    // lot of safe stuff
    fghn(param1, param2);
    // more safe stuff
}

@trusted fghn(p1, p2)
{
    assert(...);
    assert(...);
    systemFunc(p1, p2);
}
```
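
An added illustration of the small `@trusted` wrapper pattern discussed in this message; it is not code from the thread or from either participant. The name `copyInto`, the choice of `memmove` as the `@system` call, and the use of `enforce` in place of `assert` (so the check is still present in `-release` builds, where asserts are compiled out) are assumptions made for the example.

```d
import core.stdc.string : memmove;
import std.exception : enforce;
import std.stdio : writeln;

// The only @trusted code: a wrapper small enough to audit in one glance.
// It accepts slices, so each argument carries its own length and the one
// check below is sufficient to keep the raw call inside both buffers.
void copyInto(ubyte[] dst, const(ubyte)[] src) @trusted
{
    // enforce throws at run time and is not removed by -release.
    enforce(dst.length >= src.length, "destination too small");
    // memmove rather than memcpy: callers may pass overlapping slices.
    memmove(dst.ptr, src.ptr, src.length);
}

// Everything else stays @safe and is checked by the compiler.
void fn() @safe
{
    auto big = new ubyte[8];
    ubyte[] small = [1, 2, 3, 4];   // constructed sample data

    copyInto(big, small);           // fits: 4 bytes into 8
    writeln(big[0 .. 4]);

    try
        copyInto(small, big);       // 8 bytes into 4: rejected by the wrapper
    catch (Exception e)
        writeln("rejected: ", e.msg);
}

void main() @safe
{
    fn();
}
```

Because the wrapper's safety depends only on its own parameters, a reviewer can verify it without reading `fn` or any other caller.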