On Tuesday, 29 April 2014 at 10:38:24 UTC, Andrej Mitrovic via Digitalmars-d wrote:

void main()
{
    auto safeCallback = (string user, string pass = "hunter2")
    {
        writefln("The password is: '%s'", pass);
    };

I'm sorry, but can you explain how this lets an attacker learn anything useful? I think it's a funny trick, and I agree on principle that it's probably an error that should be fixed, but I'm having trouble coming up with reasons why being able to discover the default argument (which I would assume is sentinel junk) has gravity. I would generally consider literal assignments in code to be trivially compromised anyway?

-Wyatt
