dip1000: can escape stack pointer through indexed array literal #20901

Open
dkorpel opened this issue Feb 19, 2025 · 0 comments
Labels
dip1000 memory safety with scope, ref, return

dkorpel commented Feb 19, 2025

The compiler accepts this:

```d
// REQUIRED_ARGS: -preview=dip1000
int* f() @safe
{
    int i = 3;
    auto x = &[&i][0]; // Should error, i is escaped into allocated memory
    return *x;
}
```

Demonstration of memory corruption:

```d
import std.stdio; // writeln

void main()
{
    ubyte[64] buf;
    auto p = f();
    writeln(*p); // 3
    buf[] = 7;
    writeln(*p); // -326519080
}
```

dkorpel added the dip1000 memory safety with scope, ref, return label Feb 19, 2025
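
An added audit helper, not part of the original issue or of the compiler project: a Python heuristic that flags the shape reported above (an array literal holding an address-of element that is indexed in place) so `@safe` code built with `-preview=dip1000` can be reviewed by hand. The function names and the sample source are constructed for this example, and it also flags the `return [&x][0]` spelling, which the issue does not test.

```python
import re

# Unary address-of at the start of an element: after '[', ',' or '('.
ADDR_ELEM = re.compile(r"(?:^|[\[,(])\s*&\s*[A-Za-z_]\w*")

def strip_comments(src):
    """Blank // and /* */ comments, preserving offsets and line breaks."""
    blank = lambda m: re.sub(r"[^\n]", " ", m.group(0))
    return re.sub(r"//[^\n]*|/\*.*?\*/", blank, src, flags=re.S)

def find_indexed_literals(src):
    """Return (line, literal) for array literals that hold an address-of
    element and are indexed in place. Heuristic only: string literals and
    nested /+ +/ comments are not parsed, so review every hit by hand."""
    code, hits = strip_comments(src), []
    for start, ch in enumerate(code):
        if ch != "[":
            continue
        before = code[:start].rstrip()
        # '[' after an identifier, ')' or ']' is an index or slice, not a literal.
        if re.search(r"[\w)\]]$", before) and not re.search(r"\breturn$", before):
            continue
        depth, end = 0, -1
        for j in range(start, len(code)):  # find the literal's matching ']'
            depth += (code[j] == "[") - (code[j] == "]")
            if depth == 0:
                end = j
                break
        if end < 0 or not ADDR_ELEM.search(code[start + 1:end]):
            continue
        if code[end + 1:].lstrip().startswith("["):  # indexed immediately
            hits.append((code.count("\n", 0, start) + 1, code[start:end + 1]))
    return hits

# Constructed sample: the function from the report plus ordinary indexing.
SAMPLE = """\
int* f() @safe
{
    int i = 3;
    auto x = &[&i][0]; // the form from the report
    return *x;
}
int g(int[] a, int k) @safe
{
    return a[k] + [1, 2][k & 1]; // ordinary indexing, no address-of element
}
"""

if __name__ == "__main__":
    print(find_indexed_literals(SAMPLE))
```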