Code security: "auto" / Reason for errors

Ozan via Digitalmars-d digitalmars-d at puremagic.com
Wed Mar 2 13:23:44 PST 2016


On Wednesday, 2 March 2016 at 20:07:30 UTC, Jacob Carlborg wrote:
> On 2016-03-02 21:01, Ozan wrote:
>
>> I agree for slices, but typically variables should have their
>> own data.
>> int a = 1;
>> int b = a;  // data copy
>>
>> int[] a;
>> int[] b = a; // pointer copy
>>
>> is not the same and should be avoided.
>
> Same thing for objects which are reference types.

Yes, but D handles basic datatypes (int, char, ...) differently from
objects (similar to Java).
And again, an assignment like int[] b = a has its risks, which
should be avoided in language design. Reading code requires some
experience but should work as expected from other languages.
From a security point of view I would recommend a style like

int[] b = a; // data copy
int[] b = a.ptr; // pointer copy, b & a pointing to the same data. a == b / a is b
Better as int* b = a.ptr; which has the same risks as in C
int[] b = a.slice; // slice "copy", same data but with mighty slices, a ?= b / a !is b
int[] b = a.dup; // data copy, a == b / a !is b

Regards, Ozan
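
The behaviour under discussion, as an added example that is not part of the original post or the D project's code: what plain slice assignment, sub-slicing, .dup and appending do in D as the language stands. All variable names and values are constructed for illustration.

```d
import std.stdio : writeln;

void main()
{
    int[] a = [1, 2, 3];

    // Plain assignment copies only the slice (pointer + length);
    // the elements are shared between a and b.
    int[] b = a;
    assert(b is a);       // identical pointer and length
    assert(b == a);       // identical element values
    b[0] = 99;
    assert(a[0] == 99);   // a write through b is visible through a

    // .dup allocates a new array and copies the elements.
    int[] c = a.dup;
    assert(c == a);       // equal contents
    assert(c !is a);      // different memory
    c[1] = -1;
    assert(a[1] == 2);    // a is unaffected by writes through c

    // A sub-slice is a window onto part of the same memory.
    int[] d = a[1 .. 3];
    assert(d.ptr == a.ptr + 1);
    d[0] = 7;
    assert(a[1] == 7);

    // Appending may extend in place or reallocate, depending on the
    // capacity of the underlying block, so code must not rely on e
    // still aliasing a (or on it no longer doing so) after the append.
    int[] e = a;
    e ~= 4;
    writeln("e still aliases a after append: ", e.ptr is a.ptr);

    // Defensive pattern: take a private copy of caller-supplied data
    // before validating or storing it, so that later writes by the
    // caller cannot change what was checked.
    int[] callerData = [10, 20, 30];
    int[] stored = callerData.dup;
    callerData[0] = -1;
    assert(stored[0] == 10);
}
```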

