A serious security bug... caused by no bounds checking.

Tommi tommitissari at hotmail.com
Fri Apr 11 05:37:59 PDT 2014


On Friday, 11 April 2014 at 12:00:32 UTC, Steven Schveighoffer 
wrote:
> On Fri, 11 Apr 2014 00:01:17 -0400, Tommi 
> <tommitissari at hotmail.com> wrote:
>
>> On Friday, 11 April 2014 at 00:52:25 UTC, Steven Schveighoffer 
>> wrote:
>>> If @safe is just a convention, then I don't see the point of 
>>> having it at all. If it can't be a guarantee, then it's 
>>> pretty much another tech buzzword with no teeth.
>>
>> In order to have @safe be a guarantee of memory-safety, we 
>> need to prevent @safe code from calling any @trusted code.
>
> Or manually guarantee the safety of @trusted code.
>
> I should be able to write an application with only @safe 
> functions, and trust that phobos has implemented @trusted 
> functions properly.
>
> -Steve

I was talking about @safe in general sense, not only as it 
pertains to phobos.


More information about the Digitalmars-d mailing list