Heartbleed and static analysis
Marco Leise
Marco.Leise at gmx.de
Mon Apr 14 10:47:28 PDT 2014
Am Sun, 13 Apr 2014 09:27:17 -0700
schrieb Walter Bright <newshound2 at digitalmars.com>:
> On 4/13/2014 4:04 AM, Michel Fortin wrote:
> > Interesting. As far as I know, the D GC is also a wrapper around malloc, and it
> > will not return memory using free when an object is deallocated. That rant could
> > also apply to D.
>
> You're right in that a malloc debugger would be ineffective when the D GC is
> used. But the D GC offers its own memory debugging features. They can be turned
> on with version identifiers in the GC source.
...and disabled by default. The point is, programmers who
trade security for performance will now and then lose that
gamble. They WILL circumvent whatever the language offers if
they can gain speed from it. In D there is
minimallyInitializedArray() for them and void-initializers or
pointer arithmetic.
--
Marco
More information about the Digitalmars-d
mailing list