June 15, 2019
https://issues.dlang.org/show_bug.cgi?id=19968

          Issue ID: 19968
           Summary: @safe code can create invalid bools resulting in
                    memory corruption
           Product: D
           Version: D2
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P1
         Component: dmd
          Assignee: nobody@puremagic.com
          Reporter: tim.dlang@t-online.de

Variables of type bool are expected to be 0 or 1. Using void initialization, this invariant can be wrong. This can result in memory corruption. See the following example:

import std.stdio;

static int[2] data;
static int[253] data2;

void test(bool b) @safe
{
        data[b]++;
}

void main() @safe
{
        bool b = void;
        writeln(data, data2);
        test(b);
        writeln(data, data2);
}

It can happen that data2 is modified here.

See http://forum.dlang.org/post/brxxdumxnzktcjjjvedo@forum.dlang.org for reference.

Another problem is that the code generation for !b assumes b is 0 or 1. The following code shows that bools can seem to be true and false at the same time:

import std.stdio;
void main() @safe
{
    bool b = void;
    if(b)
        writeln("b seems to be true");
    if(!b)
        writeln("b seems to be false");
}

@trusted functions that are correct for true and false may result in memory
corruption for invalid values.
See http://forum.dlang.org/reply/yrncciusmngbcxztnhyn@forum.dlang.org for
reference.

--
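
The two effects described in the report above, modeled in C as an added example (not the reporter's code and not dmd output). It assumes the two arrays sit back to back in memory, that data[b] uses the bool's byte as an unchecked index, and that !b is computed as b ^ 1; the *_normalized variants show the defensive form a @trusted function could apply before relying on the value.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout: int[2] data immediately followed by int[253] data2.
   One spare slot keeps every possible byte value inside the model. */
static int arena[256];
#define DATA  (arena)       /* stands in for data  */
#define DATA2 (arena + 2)   /* stands in for data2 */

/* A bool is one byte; "= void" leaves whatever byte was already there. */
typedef uint8_t raw_bool;

/* Assumed codegen for data[b]++: the byte is the index, no bounds check. */
static void test_unchecked(raw_bool b)  { DATA[b]++; }
/* Defensive form: collapse any nonzero byte to 1 before indexing. */
static void test_normalized(raw_bool b) { DATA[b != 0]++; }

/* Assumed codegen for !b: flip the low bit, correct only for 0 and 1. */
static raw_bool not_assumed(raw_bool b)    { return (raw_bool)(b ^ 1); }
/* Defensive form: compare against zero. */
static raw_bool not_normalized(raw_bool b) { return b == 0; }

/* Returns 1 when both "if (b)" and "if (!b)" would be taken. */
static int both_branches_taken(raw_bool b) { return b && not_assumed(b); }

/* Clears the model, runs f(b), returns the arena slot that was written. */
static int touched_index(void (*f)(raw_bool), raw_bool b)
{
    memset(arena, 0, sizeof arena);
    f(b);
    for (int i = 0; i < 256; i++)
        if (arena[i] != 0)
            return i;
    return -1;
}

int main(void)
{
    raw_bool stale = 7;  /* constructed sample of a leftover stack byte */
    int slot = touched_index(test_unchecked, stale);
    printf("unchecked:  arena[%d] written (data2[%d])\n", slot, slot - 2);
    printf("normalized: arena[%d] written (inside data)\n",
           touched_index(test_normalized, stale));
    printf("b=2: true and false at once? %d\n", both_branches_taken(2));
    printf("b=2: normalized !b = %d\n", not_normalized(2));
    return 0;
}
```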