jmjoy
commented
9 months ago Maybe throw a compile-time warning when length-checks aren't defined firstly in #[validate] is a good idea.
Open Glitchy-Tozier opened 2 years ago
jmjoy
commented
9 months ago Maybe throw a compile-time warning when length-checks aren't defined firstly in #[validate] is a good idea.
Basically, first perform length-checks (especially for arrays) and only then perform all other checks. Perform custom checks last.
This is to aid as an additional buffer against primitive DOS attacks.