https://issues.dlang.org/show_bug.cgi?id=20870
Issue ID: 20870 Summary: std.outbuffer.printf is trusted Product: D Version: D2 Hardware: x86 OS: Mac OS X Status: NEW Keywords: safe Severity: enhancement Priority: P1 Component: phobos Assignee: nob...@puremagic.com Reporter: pro.mathias.l...@gmail.com I don't know how that made it past code review. ``` import std.outbuffer; import std.stdio; void main() @safe { char[8] arr = 'a'; auto buff = new OutBuffer(); buff.printf("%.*s", 450000, &arr[0]); writeln(buff.toString()); } ``` This reads random characters off the stack. --