On 2/6/2015 4:17 AM, Kagamin wrote:
On Friday, 6 February 2015 at 08:58:05 UTC, Walter Bright wrote:
On 2/6/2015 12:31 AM, Kagamin wrote:
On Thursday, 5 February 2015 at 23:39:39 UTC, Walter Bright wrote:
 static void trustedMemcopy(T[] dest, T[] src) @trusted
 {
   assert(src.length == dest.length);
   memcpy(dest.ptr, src.ptr, src.length * T.sizeof);
 }

Should be enforce: assert doesn't guard against malicious usage.

Cue my endless attempts to explain the difference between input errors and
logic errors :-(

A little off-topic: if this function is compiled in release mode and the compiler
assumes the assert holds, it's free to use dest.length instead of src.length, and if
at runtime dest is longer than src, this will create a Heartbleed-like bug in safe
code.

Sigh. Please visit your nearest Catholic school and ask one of the nuns to thwack your knuckles with a ruler!
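
The two forms of the length check discussed in this thread, side by side, as an added example that is not code from any poster or from the D project. The names copyAsserted and copyEnforced are hypothetical, and the comments assume a dmd-style -release build.

```d
// Added example; copyAsserted and copyEnforced are hypothetical names.
import core.stdc.string : memcpy;
import std.exception : enforce;
import std.stdio : writeln;

// Check written as assert, as in the quoted function. A build with
// dmd -release compiles ordinary asserts out, so a call with mismatched
// lengths then reaches memcpy unchecked.
void copyAsserted(T)(T[] dest, T[] src) @trusted
{
    assert(src.length == dest.length);
    memcpy(dest.ptr, src.ptr, src.length * T.sizeof);
}

// Check written as enforce, as the reply suggests. enforce throws an
// Exception on failure and stays in every build, -release included.
void copyEnforced(T)(T[] dest, T[] src) @trusted
{
    enforce(src.length == dest.length, "trusted copy: length mismatch");
    memcpy(dest.ptr, src.ptr, src.length * T.sizeof);
}

void main() @safe
{
    int[] src = [1, 2, 3, 4];   // constructed sample data
    auto sameLen = new int[4];
    auto shorter = new int[2];

    copyAsserted(sameLen, src); // lengths match: fine in any build
    copyEnforced(sameLen, src);
    writeln("copied: ", sameLen);

    try
    {
        copyEnforced(shorter, src); // mismatch is rejected before memcpy
    }
    catch (Exception e)
    {
        writeln("rejected: ", e.msg);
    }
}
```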
