Tuples, CTFE, and Sliding Template Arguments

Walter Bright newshound2 at digitalmars.com
Mon Jan 15 08:03:33 UTC 2024


On 1/12/2024 11:03 PM, Adam Wilson wrote:
> On Saturday, 13 January 2024 at 06:27:51 UTC, Walter Bright wrote:
>>
>> Escaping % is not hard to do. It's ordinary.
>>
> 
> I don't see people arguing that escaping is *difficult* to do. It's not. What 
> *is* difficult is remembering to do it perfectly, every time, and accidentally 
> building a silent injection attack when you (inevitably) fail. Especially since 
> the attack vector is not detectable to linting tools. All systems with a special 
> format-specifier are unsafe for use with SQL. Period.

1027 can do that automatically, so it will work every time. I've written code 
that parsed a string and escaped the naughty bits many times.

> Note that Java considered and rejected your premise in their version of this 
> feature, with their reasoning laid out in the 
> [spec-document](https://openjdk.org/jeps/430).

It's a long document. I'm not sure what you see as my premise and what the Java 
doc is specific about.

As for what my premise is, CTFE code can be written to validate strings. This is 
not difficult to do. It's put in the execi() function. It happens for every 
string. Once the code is written, it will work on every user-supplied istring.

DIP1036e doesn't have any magic bean to validate strings. It also has to code up 
a validator. Coding up the validator is a task for both proposals, and they'd do 
the same thing.

Furthermore, if a string type was passed to execi() as the first argument, it 
would not compile, as 1027 would type it as a `FormatString`, not a `string`. So 
execi() would only work on the output of the string interpolator, not any random 
string.
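An added illustration of the last two points, not code from the post or from DIP1027 itself: the struct name `FormatString`, the `istr` stand-in for what the interpolator would emit, the exact signature of `execi()` and the validation policy are all assumptions made here. The idea it demonstrates is the one stated above: the template text becomes a compile-time parameter, a CTFE-run validator checks it once per instantiation, and `execi()` accepts only the interpolator's output type, so a plain `string` argument does not compile.

```d
import std.conv : to;
import std.stdio : writeln;

// Hypothetical stand-in for the type the interpolator would hand to execi().
// The template text is a template parameter, so it is known at compile time;
// only the interpolated values are runtime data.
struct FormatString(string fmt, Args...)
{
    Args args;
}

// Stand-in for the interpolator itself (under DIP1027 the compiler would do this).
auto istr(string fmt, Args...)(Args args)
{
    return FormatString!(fmt, Args)(args);
}

// CTFE-able validator. Deliberately strict hypothetical policy:
//  - every '%' must be a "%s" placeholder (no stray format specifiers),
//  - the number of placeholders must match the number of values,
//  - no quote characters or ';' in the template at all, so every value must
//    travel as a bound parameter rather than be spliced into a literal.
bool validSqlTemplate(string fmt, size_t nargs)
{
    size_t placeholders = 0;
    for (size_t i = 0; i < fmt.length; i++)
    {
        if (fmt[i] == '%')
        {
            if (i + 1 >= fmt.length || fmt[i + 1] != 's')
                return false;           // "%d", "%%", trailing '%': rejected
            placeholders++;
            i++;                        // skip the 's'
        }
        else if (fmt[i] == '\'' || fmt[i] == '"' || fmt[i] == ';')
        {
            return false;               // literals/terminators not allowed in the template
        }
    }
    return placeholders == nargs;
}

// execi() only has an overload for FormatString, never for string.
// Returns the template plus the stringified parameters, i.e. what would be
// handed to a driver's bind API (no real database here).
string[] execi(string fmt, Args...)(FormatString!(fmt, Args) q)
{
    // Runs once per instantiation, at compile time, on the template text.
    static assert(validSqlTemplate(fmt, Args.length),
                  "rejected SQL template: " ~ fmt);

    string[] bound = [fmt];
    foreach (a; q.args)                 // static foreach over the value tuple
        bound ~= to!string(a);
    return bound;
}

void main()
{
    // Compiles: two placeholders, two values, no literals in the template.
    auto r = execi(istr!("SELECT name FROM users WHERE id = %s AND org = %s")(42, "acme"));
    writeln(r);  // ["SELECT name FROM users WHERE id = %s AND org = %s", "42", "acme"]

    // Neither of the following compiles, which is the property the post describes:
    //   string userInput = "1 OR 1=1";
    //   execi("SELECT name FROM users WHERE id = " ~ userInput);   // no overload takes `string`
    //   execi(istr!("SELECT name FROM users WHERE name = '%s'")("x")); // static assert: quoted placeholder
    //   execi(istr!("SELECT name FROM users WHERE id = %d")(1));       // static assert: stray specifier
}
```

The validator runs on the template, not on the user's values, so it costs nothing at runtime and cannot be forgotten: a template that fails the check is a build error rather than a query that happens to work until the wrong value arrives.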


