[OffTopic] A vulnerability postmortem on Network Security Services
Paul Backus
snarwin at gmail.com
Sun Dec 5 21:53:36 UTC 2021
On Sunday, 5 December 2021 at 19:57:18 UTC, SealabJaster wrote:
> Honestly I'd go as far as saying no C code should be marked as
> even @trusted by a human (even wrapper funcs). But that
> unfortunately turns into a "D with C" (@safe + @"trusted") vs
> "D with no C"(@safe only) kind of argument.
This is a step too far, I think. There are several functions
which are guaranteed by the C standard to never invoke undefined
behavior (e.g., getchar, rand, everything in <math.h>). Allowing
functions like these to be marked as @trusted is completely
legitimate.
More information about the Digitalmars-d
mailing list