Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SR-6549] Slice<UnsafeMutableBufferPointer<T>> allows out-of-range assignment #49099

Closed
glessard opened this issue Dec 7, 2017 · 6 comments
Closed

[SR-6549] Slice<UnsafeMutableBufferPointer<T>> allows out-of-range assignment #49099

glessard opened this issue Dec 7, 2017 · 6 comments
Assignees
@glessard
Labels
bug A deviation from expected or documented behavior. Also: expected but undesirable behavior. standard library Area: Standard library umbrella

Comments

@glessard
Copy link
Contributor

glessard commented Dec 7, 2017

Previous ID SR-6549
Radar None
Original Reporter @glessard
Type Bug
Status Closed
Resolution Done
Environment

master and Swift 4.0.3, macOS

Additional Detail from JIRA
Votes 0
Component/s Standard Library
Labels Bug
Assignee @glessard
Priority Medium

md5: 02617406969a7114543e231ac86fb9ae

Issue Description:

A Slice to an UnsafeMutableBufferPointer can be used to assign to memory locations "outside" of the Slice:

let p = UnsafeMutablePointer<Int>.allocate(capacity: 3)
defer { p.deallocate(capacity: 3) }

var b = UnsafeMutableBufferPointer(start: p, count: 3)

b[0] = 0
b[1] = 1
b[2] = 2

var s = b[1..<3]

let i = s.index(before: s.startIndex) // 0
s[i] = 20

print(b[0]) // 20
print(s[0]) // 20

This is probably the expected behaviour in release (-O) mode, but it's strange in debug mode. The reason is that UMBP's _failEarlyRangeCheck methods are empty, and Slice's _failEarlyRangeCheck forwards to its Base's implementation.

Could it be acceptable to introduce _debugPreconditions in UMBP's _failEarlyRangeCheck?
@belkadan
Copy link
Contributor

belkadan commented Dec 7, 2017

cc Lance (JIRA User), @lorentey

@lorentey
Copy link
Member

lorentey commented Dec 7, 2017

That seems like a good idea to me. Do you want to make a PR for this? (I'd be glad to review it.)

We should check the impact on -Onone benchmarks; the default implementation of _failEarlyRangeCheck was removed specifically to speed up unoptimized builds.

@glessard
Copy link
Contributor Author

glessard commented Dec 7, 2017

Will do.

@glessard
Copy link
Contributor Author

glessard commented Dec 8, 2017

@lorentey please see PR-13340

@glessard
Copy link
Contributor Author

glessard commented Dec 8, 2017

I think there is a different fix for this issue that would preserve the no-op implementation of _failEarlyRangeCheck. Protocols specific to Unsafe{Mutable}BufferPointer can be inserted (refinements of Collection and MutableCollection), and Slice could conditionally conform to those. Then the _debugPreconditions could be implemented directly in subscripts specific to that conditional conformance.

@glessard
Copy link
Contributor Author

#13340

@swift-ci swift-ci transferred this issue from apple/swift-issues Apr 25, 2022
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@glessard glessard

Labels
bug A deviation from expected or documented behavior. Also: expected but undesirable behavior. standard library Area: Standard library umbrella
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@glessard @lorentey @belkadan