-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wrongly trusted return statement in automem.vector.range() allows obtaining a reference to expired stack frame #26
Comments
Nice catch, taking a look. Thanks for reporting! |
So: using @trusted obviously opens a can of worms. But: why isn't |
I tried a couple of things with the current layout, but I couldn't figure out how to make it So far, I'm thinking that only a layout like this could be easily made struct Vector(T)
{
Impl* impl;
long start, end;
struct Impl
{
long refs;
long capacity;
T[0] data;
}
auto range(long start, long end) scope return
{
return Vector!T(impl, start, end);
}
} (Disclaimer: untested, typing on the phone.) |
Agreed, though at least dmd doesn't allow this code without the use of
It's a deficiency of dmd that it doesn't support |
Weirdly enough, this fails to compile as expected with dip1000: typeof(Container.range()) global;
void main() @safe {
auto c = Container();
global = c.range;
}
struct Container {
auto range() @safe return scope {
static struct Range {
Container *self;
}
return Range(&this);
}
}
|
Found out why: it's the |
This
@trusted
block of code:automem/source/automem/vector.d
Lines 313 to 316 in 98d7b1b
allows a pointer to the vector to escape:
Stack corruption PoC:
The text was updated successfully, but these errors were encountered: