https://issues.dlang.org/show_bug.cgi?id=19965
Issue ID: 19965
Summary: [DIP1000] Template allows to escape internal pointer
Product: D
Version: D2
Hardware: All
OS: All
Status: NEW
Keywords: safe
Severity: critical
Priority: P1
Component: dmd
Assignee: nob...@puremagic.com
Reporter: d...@me.com
The following code compiles successfully with DIP1000 enabled:
struct Buffer
{
int[10] data;
int[] getData() @safe return
{
return data[];
}
}
struct Foo()
{
Buffer buffer;
int[] toArray() @safe return
{
return buffer.getData;
}
}
int[] a;
void main() @safe
{
Foo!() f;
a = f.toArray;
}
In the above example, a pointer to `data` (through the dynamic array returned
by `getData`) is escaped to `a`. If `Foo` is not a template the code fails to
compile, as expected.
--
