This repository has been archived by the owner on Oct 12, 2022. It is now read-only.

Mark all functions with a @safe interface as @trusted #3839

Merged
merged 1 commit into from
Jun 20, 2022


schveiguy
Member

Ping @WalterBright

This took 10 minutes.

@schveiguy schveiguy requested a review from CyberShadow as a code owner June 14, 2022 02:36
@dlang-bot
Contributor

Thanks for your pull request, @schveiguy!

Bugzilla references

Your PR doesn't reference any Bugzilla issue.

If your PR contains non-trivial changes, please reference a Bugzilla issue or create a manual changelog.

Testing this PR locally

If you don't have a local development environment setup, you can use Digger to test this PR:

dub run digger -- build "master + druntime#3839"

@schveiguy schveiguy added the Trivial typos, formatting, comments label Jun 14, 2022
Member

@ljmf00 ljmf00 left a comment

Looks fine according to MSDN documentation.

@RazvanN7
Contributor

@WalterBright do you have any comments on this?

@RazvanN7 RazvanN7 added the 72h no objection -> merge The PR will be merged if there are no objections raised. label Jun 17, 2022
@dkorpel dkorpel merged commit 8102c49 into dlang:master Jun 20, 2022
@schveiguy schveiguy deleted the trustedwinsock branch June 20, 2022 13:17
@@ -64,11 +64,11 @@ int getsockopt(SOCKET s, int level, int optname, void* optval, socklen_t* optlen
int setsockopt(SOCKET s, int level, int optname, const(void)* optval, socklen_t optlen);
uint inet_addr(const char* cp);
int select(int nfds, fd_set* readfds, fd_set* writefds, fd_set* errorfds, const(timeval)* timeout);
char* inet_ntoa(in_addr ina);
@trusted char* inet_ntoa(in_addr ina);
Contributor

inet_ntoa cannot be @trusted.

https://docs.microsoft.com/en-us/windows/win32/api/winsock2/nf-winsock2-inet_ntoa#remarks says:

The string returned by inet_ntoa resides in memory that is allocated by Windows Sockets. The application should not make any assumptions about the way in which the memory is allocated. The string returned is guaranteed to be valid only until the next Windows Sockets function call is made within the same thread.

I.e., if you dereference the returned pointer after having called another Windows Sockets function, you've got undefined behavior. That's not safe.

hostent* gethostbyname(const char* name);
hostent* gethostbyaddr(const(void)* addr, int len, int type);
protoent* getprotobyname(const char* name);
protoent* getprotobynumber(int number);
@trusted protoent* getprotobynumber(int number);
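Review bot: The `@trusted` added to `inet_ntoa` and `getprotobynumber` is not backed by anything in either signature: both return raw mutable pointers (`char*`, `protoent*`) rather than values, so a @safe caller can retain the pointer or write through it. Either leave these two declarations @system and expose a checked wrapper that copies the result, or add a comment at each declaration stating the ownership and lifetime contract that justifies the attribute.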
Contributor

getprotobynumber cannot be @trusted.

https://docs.microsoft.com/en-us/windows/win32/api/winsock2/nf-winsock2-getprotobynumber#remarks says:

The pointer that is returned points to the structure allocated by Windows Sockets. The application must never attempt to modify this structure [...].

But the return value is mutable. So @safe code might do just that.
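
A wrapper that does respect the two Winsock remarks quoted in the review comments above, as an added example that is not part of this pull request or of druntime: it copies the result out of Winsock-owned memory before returning, so nothing handed to @safe code aliases that memory. `ntoaCopy`, `protoByNumber` and `ProtoInfo` are hypothetical names; the `protoent` field names are those of the Winsock structure.

```d
// Added illustration, not druntime code. Windows-only.
version (Windows):

import core.stdc.string : strlen;
import core.sys.windows.winsock2 : getprotobynumber, in_addr, inet_ntoa, protoent;

/// Hypothetical value type: owns copies of the fields it exposes.
struct ProtoInfo
{
    string name;   // copy of protoent.p_name
    short number;  // copy of protoent.p_proto
}

/// Hypothetical wrapper: copies the text out of the Winsock-owned buffer
/// immediately, before any other Winsock call on this thread can reuse it.
string ntoaCopy(in_addr addr) @trusted
{
    const(char)* p = inet_ntoa(addr);
    return p is null ? null : p[0 .. strlen(p)].idup;
}

/// Hypothetical wrapper: reads the Winsock-owned protoent through a const
/// pointer and returns copies, so callers can neither modify the structure
/// nor keep a pointer into it.
bool protoByNumber(int number, out ProtoInfo info) @trusted
{
    const(protoent)* pe = getprotobynumber(number);
    if (pe is null)
        return false;
    info.number = pe.p_proto;
    info.name = pe.p_name is null ? null : pe.p_name[0 .. strlen(pe.p_name)].idup;
    return true;
}
```

Here the `@trusted` claim is checkable from the function body alone: the raw pointer never leaves the wrapper, and the caller only ever sees immutable copies.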
