Date: Sat, 23 Aug 2025 08:40:24 +0000
It's extremely trivial to write something like this:
template<typename T>
void deleter(T*& obj)
{
delete obj;
obj = nullptr;
}
or even this
template<typename T>
void deleter(T*& obj)
{
T* temp = obj;
obj = nullptr;
delete temp;
}
It does everything you asked for. But you quite don't get what you wanted.
There seems to be a misunderstanding of what pointers are. A pointer is a number, and like any number it's value can be copied or even derived.
And seldom use after free is this trivial. There's nothing you can do about the copies, or code that uses potentially dead pointers without checking.
Use after free is more of a problem of designed use than the pointer itself.
Smart pointers do better because they restrict the interface, and those restrictions make it harder to express dangerous patterns.
If you are still able to use a pointer in the exact same way as before, you haven't so much made things safer, as you have created the illusion of safety.
If you have to remember to use a new interface because of use after free, you could have just as easily remembered to null after delete. The problem is people don't always do.
________________________________
From: Std-Proposals <std-proposals-bounces_at_[hidden]> on behalf of organicoman via Std-Proposals <std-proposals_at_[hidden]>
Sent: Saturday, August 23, 2025 5:04:05 AM
To: std-proposals_at_[hidden] <std-proposals_at_[hidden]>
Cc: organicoman <organicoman_at_[hidden]>
Subject: [std-proposals] Delete...why not a parameter by reference?!
Hello,
One of the recurring bugs in c++ is use after free.
I'm wondering, why the delete operator doesn't take the pointer parameter by reference and nullify it?
So instead of
void operator delete(void* p);
It becomes
void operator delete(void* &p);
And it assigns the value nullptr to p after freeing its corresponding memory.
Look at this example:
---------
{
int* p = new int(42);
int* const& to_p = p; // as a guideline
delete p; // if taken by reference an nullified
*p; // this will be a guaranteed runtime error
*to_p; // and all previous copies obey too
}
---------
On top of that, basically we need just to add a guideline that mandate:
-All duplication of a pointer should be by reference if modifying, or const reference if not.
So it is guaranteed that if you free the memory using any of the references, all copies will be nullptr.
So, is there any constraints to prevents this other than breaking old code?
Regards
Sent from my Galaxy
template<typename T>
void deleter(T*& obj)
{
delete obj;
obj = nullptr;
}
or even this
template<typename T>
void deleter(T*& obj)
{
T* temp = obj;
obj = nullptr;
delete temp;
}
It does everything you asked for. But you quite don't get what you wanted.
There seems to be a misunderstanding of what pointers are. A pointer is a number, and like any number it's value can be copied or even derived.
And seldom use after free is this trivial. There's nothing you can do about the copies, or code that uses potentially dead pointers without checking.
Use after free is more of a problem of designed use than the pointer itself.
Smart pointers do better because they restrict the interface, and those restrictions make it harder to express dangerous patterns.
If you are still able to use a pointer in the exact same way as before, you haven't so much made things safer, as you have created the illusion of safety.
If you have to remember to use a new interface because of use after free, you could have just as easily remembered to null after delete. The problem is people don't always do.
________________________________
From: Std-Proposals <std-proposals-bounces_at_[hidden]> on behalf of organicoman via Std-Proposals <std-proposals_at_[hidden]>
Sent: Saturday, August 23, 2025 5:04:05 AM
To: std-proposals_at_[hidden] <std-proposals_at_[hidden]>
Cc: organicoman <organicoman_at_[hidden]>
Subject: [std-proposals] Delete...why not a parameter by reference?!
Hello,
One of the recurring bugs in c++ is use after free.
I'm wondering, why the delete operator doesn't take the pointer parameter by reference and nullify it?
So instead of
void operator delete(void* p);
It becomes
void operator delete(void* &p);
And it assigns the value nullptr to p after freeing its corresponding memory.
Look at this example:
---------
{
int* p = new int(42);
int* const& to_p = p; // as a guideline
delete p; // if taken by reference an nullified
*p; // this will be a guaranteed runtime error
*to_p; // and all previous copies obey too
}
---------
On top of that, basically we need just to add a guideline that mandate:
-All duplication of a pointer should be by reference if modifying, or const reference if not.
So it is guaranteed that if you free the memory using any of the references, all copies will be nullptr.
So, is there any constraints to prevents this other than breaking old code?
Regards
Sent from my Galaxy
Received on 2025-08-23 08:40:28