April 29, 2014 Re: Default arguments in function callbacks not taken into account when instantiating templates has huge security implications
This is a compiler bug.
When template parameter C is deduced from the call handler(safeCallback), the default argument `= "hunter2"` should be stripped from the deduced function pointer type.
Then, the call callback("John"); in the handler template function body should
always fail to compile, because void function(string, string) is not
callable using one string argument.
Kenji Hara
2014-04-29 19:38 GMT+09:00 Andrej Mitrovic via Digitalmars-d <digitalmars-d@puremagic.com>:
> -----
> import std.traits;
> import std.stdio;
>
> void handler(C)(C callback)
> {
>     callback("John");
> }
>
> void main()
> {
>     auto safeCallback = (string user, string pass = "hunter2")
>     {
>         writefln("The password is: '%s'", pass);
>     };
>
>     handler(safeCallback);
>     someOtherFunc();
> }
>
> void someOtherFunc()
> {
>     auto hijackPassword = (string user, string pass)
>     {
>         writefln("Now I know your password: '%s'", pass);
>     };
>
>     handler(hijackPassword);
> }
> -----
>
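
A defensive variant of the quoted `handler`, added here as an illustration and not taken from the thread or from the D project: a template constraint pins the callback's declared parameter list, so a two-parameter callback is rejected at compile time whether or not a default argument is attached to it. The name `strictHandler` and the sample callbacks are hypothetical; `Parameters` and `isCallable` are from `std.traits` in current Phobos.

```d
import std.stdio;
import std.traits : Parameters, isCallable;

// Hypothetical hardened handler: accept only callables whose declared
// parameter list is exactly (string). The check looks at the parameter
// count, so it does not depend on default arguments being present or
// absent in the deduced type.
void strictHandler(C)(C callback)
    if (isCallable!C
        && Parameters!C.length == 1
        && is(Parameters!C[0] == string))
{
    callback("John");
}

void main()
{
    // Constructed sample callbacks, mirroring the shapes in the quoted post.
    auto oneArg = (string user)
    {
        writefln("Hello, %s", user);
    };

    auto withDefault = (string user, string pass = "hunter2")
    {
        writefln("The password is: '%s'", pass);
    };

    auto noDefault = (string user, string pass)
    {
        writefln("Now I know your password: '%s'", pass);
    };

    // The single-parameter callback satisfies the constraint.
    strictHandler(oneArg);

    // Both two-parameter callbacks fail the constraint, so neither call
    // can be instantiated and no default argument is ever supplied.
    static assert(!__traits(compiles, strictHandler(withDefault)));
    static assert(!__traits(compiles, strictHandler(noDefault)));
}
```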