A serious security bug... caused by no bounds checking.

Brad Anderson eco at gnuk.net
Tue Apr 8 13:20:58 PDT 2014


On Tuesday, 8 April 2014 at 20:07:30 UTC, Martin Krejcirik wrote:
> On Tuesday, 8 April 2014 at 19:47:02 UTC, Andrei Alexandrescu 
> wrote:
>> For the record, dmd used to remove bounds checking in -release 
>> mode. I've asked Walter to add a new flag for that, independent
>
> It still does (for un-@safe functions)

I think -noboundscheck should be renamed -nosafeboundscheck 
because it's just confusing with the name it has. I just did a 
pull request yesterday to help clarify what it does in the 
command line help, at least, because a lot of people are confused 
about this.

> and there is no way to turn it on (if you don't want asserts and
> contracts).

Good point. I think perhaps a -boundscheck is in order if the 
-release behavior is going to stay what it is. It's a shame that 
the flag already means what it does because we can't just have 
-noboundscheck remove them in non-@safe code and a new 
-nosafeboundcheck do it for safe code now.

