-
Notifications
You must be signed in to change notification settings - Fork 10.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Constrain implicit raw pointer conversion to bitwise-copyable values #64927
Comments
atrick
added
bug
A deviation from expected or documented behavior. Also: expected but undesirable behavior.
triage needed
This issue needs more specific labels
labels
Apr 5, 2023
See also rdar://97963116 (It's really easy to accidentally corrupt a Data object with the & operator) |
Fixed in PR: #63825 |
atrick
added
swift 5.9
feature
A feature request or implementation
and removed
bug
A deviation from expected or documented behavior. Also: expected but undesirable behavior.
triage needed
This issue needs more specific labels
labels
Apr 5, 2023
atrick
changed the title
Implicit inout conversion to UnsafeRawPointer is unacceptably unsafe
Constrain implicit raw pointer conversion to bitwise-copyable values
Apr 5, 2023
atrick
added a commit
to atrick/swift
that referenced
this issue
Apr 5, 2023
conversion to bitwise-copyable values Add Constrain implicit raw pointer conversion to bitwise-copyable values
atrick
added a commit
to atrick/swift
that referenced
this issue
Apr 5, 2023
conversion to bitwise-copyable values
atrick
added a commit
to atrick/swift
that referenced
this issue
Apr 5, 2023
conversion to bitwise-copyable values
atrick
added a commit
to atrick/swift
that referenced
this issue
Apr 5, 2023
conversion to bitwise-copyable values
atrick
added a commit
that referenced
this issue
Apr 6, 2023
[Release Notes] Issue #64927: Constrain implicit raw pointer
atrick
added a commit
to atrick/swift
that referenced
this issue
Apr 6, 2023
conversion to bitwise-copyable values (cherry picked from commit 1328df1)
atrick
added a commit
that referenced
this issue
Apr 6, 2023
[5.9][Release Notes] Issue #64927: Constrain implicit raw pointer
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Swift 5.9 introduces warnings that catch conversions from an inout argument in the caller to an
UnsafeRawPointer
in the callee whenever the original type contains an object reference.For general types:
warning: forming an 'UnsafeRawPointer' to a variable of type 'T'; this is likely incorrect because 'T' may contain an object reference.
For arrays:
warning: forming an 'UnsafeRawPointer' to a variable of type '[T]'; this is likely incorrect because 'T' may contain an object reference.
For strings:
warning: forming an 'UnsafeRawPointer' to an inout variable of type String exposes the internal representation rather than the string contents.
This issue is explained in the Swift evolution pitch Constrain implicit raw pointer conversion to bitwise-copyable values.
To workaround these warnings, please refer to Workarounds for common cases.
To understand why the warning is necessary, consider these examples. Here, the user likely wants to inspect the contents of a string, but instead they've leaked the internal representation:
This is a pernicious security issue because the code will happen to work during testing for small strings. Removing the '&' sigil changes the string conversion into an array-like conversion:
In the next example, the author clearly expected Foundation.Data to have the same sort of implicit conversion support as Array:
This compiles without warning, but it unintentionally exposes data object's internal storage representation rather than its elements.
The text was updated successfully, but these errors were encountered: