[swift-evolution] String(validatingUTF8:) doesn't
Drew Crawford
drew at sealedabstract.com
Thu Apr 21 04:01:51 CDT 2016
I have just now for the second time root-caused yet another "nasty nasty UB bug" from yet another developer who got cut on the very sharp edge of this API:
var result = [40,50,60] as [Int8]
return String(validatingUTF8: result)
This poorly-named String constructor does not take a Swift array of UTF8 bytes, it takes an UnsafePointer to a C string. When that C string is not null-terminated (as shown here), UB ensues.
I believe *at least* we need a sane name for this constructor like String(validatingUTF8CString:) that vaguely suggests what the programmer can do to avoid UB.
I further believe that this API is just plain bad, but swift-dev disagrees and so in the interests of doing something to stop the bleeding I propose we rename.
Drew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.swift.org/pipermail/swift-evolution/attachments/20160421/797dde13/attachment.html>
More information about the swift-evolution
mailing list