www.digitalmars.com         C & C++   DMDScript  

digitalmars.D.bugs - [Issue 20870] New: std.outbuffer.printf is trusted


          Issue ID: 20870
           Summary: std.outbuffer.printf is trusted
           Product: D
           Version: D2
          Hardware: x86
                OS: Mac OS X
            Status: NEW
          Keywords: safe
          Severity: enhancement
          Priority: P1
         Component: phobos
          Assignee: nobody puremagic.com
          Reporter: pro.mathias.lang gmail.com

I don't know how that made it past code review.

import std.outbuffer;
import std.stdio;

void main()  safe
    char[8] arr = 'a';
    auto buff = new OutBuffer();
    buff.printf("%.*s", 450000, &arr[0]);

This reads random characters off the stack.

May 28 2020