[Issue 18016] using uninitialized value is considered @safe but has undefined behavior
d-bugmail at puremagic.com
Wed Jun 5 22:14:16 UTC 2019
https://issues.dlang.org/show_bug.cgi?id=18016
--- Comment #7 from Steven Schveighoffer <schveiguy at yahoo.com> ---
It's garbage data, but it's not garbage pointers. As long as the memory is not
used to reference anything, it's not going to cause a memory corruption to use
it.

Why would you want to use this? Because it's more efficient to not initialize
stack data before overwriting it with the real value.

Can you explain a way that f() is unsafe in the example above? That is, it
results in corrupted memory? Or alternatively, show how you can write code that
is exploitable or could cause memory corruption?

Would you consider this function @safe?

    import core.stdc.stdlib : malloc;

    // Returns a slice over freshly malloc'ed, uninitialized ints.
    int[] allocate(int size)
    {
        auto result = cast(int *)malloc(size * int.sizeof);
        return result[0 .. size];
    }

It doesn't corrupt any memory, the data is not left dangling, as it's not
freed, but it's also not initialized. Is that a big problem?
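Added example, not part of the original comment or of the D project's code: a variant of the allocate() function above, restricted at compile time to element types that contain no pointers, which is the case the comment argues about. The names allocateUninit, fill, Pixel and Node, the overflow and null checks, and the @trusted attribute are assumptions made for this example; whether @trusted is justified is the question the comment raises.

```d
import core.checkedint : mulu;
import core.stdc.stdlib : free, malloc;
import std.traits : hasIndirections;

// Hypothetical variant of allocate(): the template constraint rejects any
// element type that holds a pointer, reference, slice or delegate, so the
// indeterminate contents can never be dereferenced by the caller.
T[] allocateUninit(T)(size_t count) @trusted
if (!hasIndirections!T)
{
    bool overflow;
    const bytes = mulu(count, T.sizeof, overflow); // checked count * T.sizeof
    if (overflow || bytes == 0)
        return null;
    auto p = cast(T*) malloc(bytes);
    return p is null ? null : p[0 .. count];       // null slice on failure
}

struct Pixel { ubyte r, g, b, a; }     // plain data, no indirections
struct Node  { int value; Node* next; } // contains a pointer

// Plain data is accepted ...
static assert( __traits(compiles, allocateUninit!int(4)));
static assert( __traits(compiles, allocateUninit!Pixel(4)));
// ... while types that could yield garbage pointers do not compile.
static assert(!__traits(compiles, allocateUninit!(int*)(4)));
static assert(!__traits(compiles, allocateUninit!Node(4)));
static assert(!__traits(compiles, allocateUninit!(int[])(4)));

// @safe consumer: overwrites the buffer before any value is read, which is
// the use case the comment gives for skipping initialization.
void fill(int[] dst, int value) @safe
{
    dst[] = value;
}

void main()
{
    auto buf = allocateUninit!int(16);
    assert(buf.length == 16);
    fill(buf, 7);
    assert(buf[0] == 7 && buf[$ - 1] == 7);
    free(buf.ptr); // freeing stays in @system code, outside the @safe part
}
```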