On Friday, 23 March 2018 at 20:33:40 UTC, Jack Stouffer wrote:
If @safe doesn't protect against buffer overflows then chuck the whole thing out the window and start over.

Then chuck the whole thing out the window and start your own review over and include the @safe code this time.

You say it is reasonable to assume that malloc isn't a problem, but I disagree, depending on your need to be secure.

In that space you can't rely on other programmers to have correctly verified.

The compiler checks @safe code, not @system or @trusted. These are there to indicate you need to review the code, not to indicate review has determined it to be bullet proof.

Yes zlib may be too much to review, so don't use it. Rewrite your C libraries in @safe so the compiler does the validation for you.
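As an added illustration of the point about what the compiler does and does not check (this is example code written for this note, not code from the thread or from any D library), here is a hypothetical @trusted wrapper around malloc beside the @safe code that calls it. The names allocate, release and useBuffer are assumed for the example. The body of the @trusted functions is the only part a human reviewer has to verify by hand; everything inside @safe is checked by the compiler.

```d
import core.stdc.stdlib : malloc, free;

// Hypothetical @trusted wrapper (example name). The compiler does NOT check
// this body, so it is exactly the kind of code the post says must be reviewed.
// It returns a bounds-checked slice rather than a raw pointer, so @safe
// callers cannot index past the allocation.
@trusted ubyte[] allocate(size_t n)
{
    auto p = cast(ubyte*) malloc(n);
    if (p is null)
        return null;          // allocation failure surfaces as an empty slice
    return p[0 .. n];         // slice length is the real allocation size
}

// Second @trusted surface to review: freeing the buffer's underlying pointer.
@trusted void release(ubyte[] buf)
{
    free(buf.ptr);            // free(null) is a no-op, so an empty slice is fine
}

// Everything here is verified by the compiler, not by a reviewer.
@safe void useBuffer()
{
    auto buf = allocate(16);
    scope(exit) release(buf);

    if (buf.length == 0)
        return;

    buf[0] = 1;               // bounds-checked at run time in @safe code
    // buf[16] = 1;           // out of bounds: throws RangeError, never corrupts memory
    // auto p = buf.ptr;      // error: .ptr of a slice is not allowed in @safe
    // malloc(16);            // error: @system function cannot be called from @safe
}

void main() @safe
{
    useBuffer();
}
```

The commented-out lines are the ones the compiler rejects or turns into a checked failure; a C library exposed only through small @trusted wrappers like allocate and release keeps the hand-review surface to those few lines.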
