digitalmars.D.bugs - [Issue 15702] New: std.socket.Socket.receive is breaks @safe
- via Digitalmars-d-bugs, Feb 18 2016, https://issues.dlang.org/show_bug.cgi?id=15702
https://issues.dlang.org/show_bug.cgi?id=15702

          Issue ID: 15702
           Summary: std.socket.Socket.receive is breaks @safe
           Product: D
           Version: D2
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P1
         Component: phobos
          Assignee: nobody@puremagic.com
          Reporter: hsteoh@quickfur.ath.cx

std.socket.Socket.receive is marked @trusted; however, this is unjustified, because it receives a void[] as the buffer and overwrites the buffer with incoming socket data. If the buffer is an array of elements with indirections, this breaks @safe-ty:

----
import std.socket;

void main() @safe {
    Socket sock = ...;
    Object[] buf = new Object[1];

    // This overwrites the Object ptr with arbitrary data:
    sock.receive(buf, SocketFlags.init);
}
----

This raises the question of whether *any* function that takes in a non-const void[] can reasonably be marked @trusted, since the original type of the array has been erased and the function has no way to guarantee that writing to the void[] won't overwrite pointers with illegal values.

--
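The soundness problem the report describes does not depend on sockets at all; any @trusted function that writes through a mutable void[] has the same hole. The following is an added example, not code from the bug report or from Phobos: unsafeReceive is a constructed stand-in for Socket.receive that fills its buffer with fixed bytes instead of network data, and checkedReceive is one hypothetical way to close the hole, by making the entry point a template whose constraint uses std.traits.hasIndirections to reject element types that contain pointers.

```d
// Added example (not from the bug report or Phobos). Demonstrates why a
// @trusted function taking a mutable void[] is unsound, and one way to
// constrain it so that @safe callers cannot hand it an array of pointers.
import std.traits : hasIndirections;
import std.stdio : writeln;

// Stand-in for Socket.receive, marked @trusted as receive was at the time
// of the report. Constructed data: every byte is set to 0x41; a real
// implementation would copy bytes arriving from the socket.
ptrdiff_t unsafeReceive(void[] buf) @trusted
{
    auto bytes = cast(ubyte[]) buf;
    bytes[] = 0x41;
    return bytes.length;
}

// Hypothetical safer entry point: the template constraint only admits
// element types without indirections (ubyte, int, pointer-free structs...),
// so overwriting the memory can never forge a pointer or class reference.
ptrdiff_t checkedReceive(T)(T[] buf) @trusted
    if (!hasIndirections!T)
{
    return unsafeReceive(cast(void[]) buf);
}

void main() @safe
{
    Object[] objs = new Object[1];
    objs[0] = new Object;

    // Object[] converts implicitly to void[], so this compiles in @safe code,
    // yet afterwards objs[0] is a reference made of 0x41 bytes.
    // Dereferencing it (e.g. objs[0].toString()) would be memory-unsafe.
    auto n = unsafeReceive(objs);
    writeln("unsafeReceive overwrote ", n, " bytes of an Object[]");

    // Pointer-free buffer: accepted by the constrained version.
    auto raw = new ubyte[16];
    n = checkedReceive(raw);
    writeln("checkedReceive filled ", n, " bytes: ", raw);

    // checkedReceive(objs); // does not compile: hasIndirections!Object is true
}
```

The template constraint moves the check to compile time: the @trusted body still casts to void[], but the only way to reach it is with an element type whose bytes carry no pointers, which is exactly the guarantee the report says a plain void[] parameter cannot provide.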