Safe Haskell and Haskell Platform: near-term tactics

Gregory Collins greg at gregorycollins.net
Tue Jul 17 20:09:35 BST 2012


On Tue, Jul 17, 2012 at 8:51 PM, Yitzchak Gale <gale at sefer.org> wrote:

> So by my reading, it is enough just to look over the
> API to make sure nothing apparently unsafe is
> exported


That's an audit :). I'm just saying that it ought to be done quite
carefully. If we care about Safe Haskell being useful at all, we need to at
least get it right for the platform packages! It's already been noted that
Data.Binary.Builder.Internal, for example, which was marked Trustworthy,
exports an ostensibly pure function that could be used to violate type
safety:

writeN :: Int -> (Ptr Word8 -> IO ()) -> Builder


You need Foreign.Ptr in scope to make that happen, but that's marked
Trustworthy also. Put the two together and you can scribble on arbitrary
memory locations from a pure function.

G
-- 
Gregory Collins <greg at gregorycollins.net>
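
Added example, not part of the original message and not code from any Haskell Platform package: a heuristic pre-audit pass that shortlists the kind of export described above, a signature in a Trustworthy module whose result is not in IO but which accepts a raw pointer or an IO callback over one. The function names and the sample module are assumptions made for illustration; only the writeN signature is taken from the message, and a hit means "read this by hand", not "this is unsafe".

```python
import re

# Heuristic shortlist for a manual audit; handles single-line top-level signatures only.
PRAGMA = re.compile(r"\{-#\s*LANGUAGE\s+([^#]*?)#-\}", re.IGNORECASE)
SIGNATURE = re.compile(r"^([a-z_][\w']*)[ \t]*::[ \t]*(.+)$", re.MULTILINE)
POINTER = re.compile(r"\b(?:Ptr|FunPtr|ForeignPtr)\b")

def is_trustworthy(source):
    return any("Trustworthy" in re.split(r"[,\s]+", m[1]) for m in PRAGMA.finditer(source))

def split_arrows(ty):
    """Split a type on '->' that is not nested inside parentheses or brackets."""
    parts, depth, start = [], 0, 0
    for i in range(len(ty)):
        depth += (ty[i] in "([") - (ty[i] in ")]")
        if depth == 0 and ty.startswith("->", i):
            parts.append(ty[start:i].strip())
            start = i + 2
    return parts + [ty[start:].strip()]

def audit(source):
    """Return (name, reason) pairs for pure-looking signatures that touch raw pointers."""
    if not is_trustworthy(source):
        return []
    findings = []
    for m in SIGNATURE.finditer(source):
        # Drop any class context ("C a => ...") before splitting arguments from result.
        *args, result = split_arrows(m.group(2).split("=>")[-1])
        if re.match(r"IO\b", result):
            continue  # the effect is visible in the type, so it is not "ostensibly pure"
        for arg in args:
            if POINTER.search(arg):
                callback = "->" in arg and re.search(r"\bIO\b", arg)
                findings.append((m.group(1), "runs caller IO on a raw pointer"
                                 if callback else "takes a raw pointer"))
                break
    return findings

# Constructed sample module; only the writeN signature comes from the message.
SAMPLE = """\
{-# LANGUAGE Trustworthy #-}
module Sample.Builder.Internal where
writeN :: Int -> (Ptr Word8 -> IO ()) -> Builder
fromByteString :: ByteString -> Builder
peekAt :: Ptr Word8 -> Int -> Word8
copyTo :: Ptr Word8 -> Builder -> IO ()
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```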