I am working on a project in Go. I used "unsafe.Pointer(&x)" and while checking with some bug checker and vulnerability checker program, I am getting this warning that I should avoid using this. So I want to know is it really a vulnerability or how can it affect my application. And moreover why this package name is unsafe?
Asked
Active
Viewed 67 times
-4
-
1It doesn't per se make your program "unsafe" somehow, but it means that it opens up a bypass for type safety, so the compiler can no longer guarantee that your code won't crash even when you mess up, it's now up to you to make sure you work with it correctly. – CherryDT Apr 18 '20 at 13:14
-
The package unsafe is named unsafe because it makes your code much more safer. Or maybe not? Package unsafe allows to do unsafe operations and you should **never** use it. Especially if this language is new for you. If you want to play unsafe: Use C or go asm directly. – Volker Apr 18 '20 at 16:25
1 Answers
2
First line from documentation of unsafe library. unsafe
Package unsafe contains operations that step around the type safety of Go programs.
In Go, type safety ensures that type of value and variable type match. unsafe library allows you to get around that. This opens up potential to write undesired values to this particular location. Unless it is really really needed avoid it.
praveent
- 562
- 3
- 10