Hacker Neue

Preferences
alchemio
Zig’s general purpose allocator might detect use after free in debug builds, however zig appears to be ok with dangling (invalidated) pointers/slices and use after free for stack variables, which is more concerning, especially from a security standpoint.

```zig

const std = @import("std");

fn get_ptr() i32 { var a: i32 = 6; return &a; }

pub fn main() void {

    var x: ?*i32 = undefined;
    {
        var a: i32 = 5;
        x.? = &a;
    }
    std.debug.print("{} {}", .{ x.?.*, get_ptr().* });
}

``` These are trivial examples that Zig doesn’t even warn about, even though similar code in C or C++ gets a warning in gcc and clang.

This discussion:

https://ziggit.dev/t/what-makes-ban-returning-pointer-to-sta...

indicates that core zig devs aren’t interested in diagnosing such usage.

This item has no comments currently.

Keyboard Shortcuts

Story Lists

j
Next story
k
Previous story
Shift+j
Last story
Shift+k
First story
o Enter
Go to story URL
c
Go to comments
u
Go to author

Navigation

Shift+t
Go to top stories
Shift+n
Go to new stories
Shift+b
Go to best stories
Shift+a
Go to Ask HN
Shift+s
Go to Show HN

Miscellaneous

?
Show this modal