On 2013-11-20 13:22, Marco Leise wrote:
None of that is feasible. We can only hope that we simply
catch every case of user input (or untrusted data) and check
it before passing it to Phobos APIs. That's why there are
functions to validate and also to sanitize UTF strings on a
best effort basis in Phobos.
So in my opinion Phobos should continue forward with assert
instead of enforce. I/O functions, of course, have to use
exceptions.
That said, I never thought of validating args[] before passing
it to getopt or using them as a filename. Lesson learned, I
guess?
I don't know how getopt behaves but using them as a filename will most
likely end up calling a system function, which will hopefully take care
of the checking.
--
/Jacob Carlborg
