On Mon, Jun 23, 2014 at 4:49 PM, Daniel Micay <danielmi...@gmail.com> wrote:
> I don't understand what the problem would be with my proposal to have
> either `checked { }` or checked operators + a lint for unchecked usage.
I don't see 'checked { }' anywhere in the discussion before this message... sounds like it should be doable as a macro too. I think it would be nice to at least make checked arithmetic *really easy* like that.

For example, I was just analyzing an integer overflow vulnerability in a tricky C++ function in a low-level component that parses binary files. If the component were written in Rust, because it's low-level, normal memory safety checks might or might not be sufficient - but since most of it is not terribly performance sensitive, a good hardening approach would be to liberally add checked {} around such functions or even the whole file.

_______________________________________________
Rust-dev mailing list
Rust-dev@mozilla.org
https://mail.mozilla.org/listinfo/rust-dev
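The hardening approach the message describes, as an added example that is not part of the original thread: a constructed binary-record format whose header supplies an offset, an element count and an element size, parsed once with checked u32 arithmetic and once with wrapping arithmetic for comparison. It uses the `checked_mul`/`checked_add` methods of current Rust rather than the `checked {}` block proposed in the thread, and the record layout, error type and helper names are assumptions made for this example.

```rust
// Added example (not from the mailing-list post): a small binary-record
// parser using Rust's checked integer methods, so that a crafted header
// cannot wrap a length computation into an out-of-bounds or empty read.
// Record layout, constructed for this example (all little-endian):
//   [offset: u32][count: u32][elem_size: u32][payload...]

#[derive(Debug, PartialEq)]
pub enum ParseError {
    Truncated,
    Overflow,
    OutOfBounds,
}

fn read_u32_le(buf: &[u8], at: usize) -> Result<u32, ParseError> {
    let end = at.checked_add(4).ok_or(ParseError::Overflow)?;
    let b = buf.get(at..end).ok_or(ParseError::Truncated)?;
    Ok(u32::from_le_bytes([b[0], b[1], b[2], b[3]]))
}

/// Computes `offset + count * elem_size` in u32 (the width a 32-bit C++
/// parser would use), every step checked, then bounds-checks the slice.
pub fn parse_record(buf: &[u8]) -> Result<&[u8], ParseError> {
    let offset = read_u32_le(buf, 0)?;
    let count = read_u32_le(buf, 4)?;
    let elem_size = read_u32_le(buf, 8)?;
    let len = count.checked_mul(elem_size).ok_or(ParseError::Overflow)?;
    let end = offset.checked_add(len).ok_or(ParseError::Overflow)?;
    buf.get(offset as usize..end as usize).ok_or(ParseError::OutOfBounds)
}

/// Same computation with wrapping arithmetic, i.e. what unchecked C/C++
/// does: a wrapped `end` can pass the bounds check and yield a slice that
/// does not match what the header claims (memory-safe, but logically wrong).
pub fn parse_record_wrapping(buf: &[u8]) -> Result<&[u8], ParseError> {
    let offset = read_u32_le(buf, 0)?;
    let count = read_u32_le(buf, 4)?;
    let elem_size = read_u32_le(buf, 8)?;
    let end = offset.wrapping_add(count.wrapping_mul(elem_size));
    buf.get(offset as usize..end as usize).ok_or(ParseError::OutOfBounds)
}

/// Builds a record from its fields (constructed test input).
pub fn build_record(offset: u32, count: u32, elem_size: u32, payload: &[u8]) -> Vec<u8> {
    let mut out = Vec::new();
    out.extend_from_slice(&offset.to_le_bytes());
    out.extend_from_slice(&count.to_le_bytes());
    out.extend_from_slice(&elem_size.to_le_bytes());
    out.extend_from_slice(payload);
    out
}
```

With a header claiming 0x40000000 elements of 4 bytes, `count * elem_size` wraps to 0 in u32, so the wrapping parser returns an empty payload while the checked parser reports `Overflow`.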