A serious security bug... caused by no bounds checking.
Brad Anderson
eco at gnuk.net
Tue Apr 8 13:20:58 PDT 2014
On Tuesday, 8 April 2014 at 20:07:30 UTC, Martin Krejcirik wrote:
> On Tuesday, 8 April 2014 at 19:47:02 UTC, Andrei Alexandrescu
> wrote:
>> For the record, dmd used to remove bounds checking in -release
>> mode. I've asked Walter to add a new flag for that, independent
>
> It still does (for un- at safe functions)
I think -noboundscheck should be renamed -nosafeboundscheck
because it's just confusing with the name it has. I just did a
pull request yesterday to help clarify what it does in the
command line help, at least, because a lot of people are confused
about this.
> and there is no way to turn it on (if you don't want asserts and
> contracts).
Good point. I think perhaps a -boundscheck is in order if the
-release behavior is going to stay what it is. It's a shame that
the flag already means what it does because we can't just have
-noboundscheck remove them in non- at safe code and a new
-nosafeboundcheck do it for safe code now.
More information about the Digitalmars-d
mailing list