On Wednesday, 7 May 2014 at 15:41:19 UTC, Nick Sabalausky wrote:
On 5/6/2014 6:46 PM, Rene Zwanenburg wrote:
On Tuesday, 6 May 2014 at 02:17:06 UTC, Nick Sabalausky wrote:
So all is well, and deliberately so. Pardon the noise.
IMO it's not. I once had a particularly nasty bug because of
this:
struct S
{
@safe:
string str;
this(string data)
{
import std.digest.md;
str = md5Of(data).toHexString(); // Oops...
}
}
That must be a terribly subtle one, I'm not seeing the problem
at all.
I get that md5Of returns a static array, and then a slice of it
gets passed to toHexString, but AIUI toHexString finishes (and
returns a newly allocated string) before the temporary static
array leaves scope.
toHexString has an overload that takes a static array and can
therefore return a static array (the length is known to be twice
the input length). In essence it's the same bug as directly
storing the result of md5Of, but this was the exact line that was
causing me grief. Indeed, it looks innocent enough..
So, toHexString returns a static array, which can be implicitly
assigned to a member slice. In @safe code. I was horrified ;).
Imo it's one of the most serious violations of D's safe by
default principle.
