← Back to index | Original Bugzilla link

Bug 17589 – Prevent local imports from hiding imported symbols

Status: NEW
Severity: enhancement
Priority: P4
Component: dmd
Product: D
Version: D2
Platform: All
OS: All
Creation time: 2017-07-03T20:18:31Z
Last change time: 2024-12-13T18:53:01Z
Assigned to: No Owner
Creator: timon.gehr

Moved to GitHub: dmd#19272 →

Comments

Comment #0 by timon.gehr — 2017-07-03T20:18:31Z

As issue 10378 has been closed even though problems remain, I'm opening a new issue. The following code demonstrates a hijacking problem in the current local import lookup rules: import std.stdio; string readAndLog(string filename){ import std.file; auto text=readText(filename); write(filename," read successfully!\n"); return text; } void main(){ writeln(readAndLog("important_data.txt")); } Upon execution, this code will delete the important data. Local imports should overload against less deeply nested imports. In this example, std.stdio.write and std.file.write should be treated as part of the same overload set within readAndLog. Otherwise, there is a hijacking risk.

Comment #1 by qs.il.paperinik — 2020-11-22T03:31:13Z

(In reply to timon.gehr from comment #0) > Local imports should overload against less deeply nested imports. In this > example, std.stdio.write and std.file.write should be treated as part of the > same overload set within readAndLog. Otherwise, there is a hijacking risk. You imported two `write` functions (overloaded sets) that weren't intended to be used next to each other. Call compiles in both sets, so by the spec [1], it's an ambiguous call. The spec does not say that "more local" imports shadow "less local" imports for functions. While [2] says that imports can shadow local definitions, [1] clearly says how overloaded sets are to be handled. At best, [1] is correct and at worst, the spec contradicts itself. [1] https://dlang.org/spec/function.html#overload-sets [2] https://dlang.org/spec/module.html#scoped_imports TL;DR: It should be an ambiguity error, nothing else.

Comment #2 by timon.gehr — 2020-11-22T03:51:19Z

(In reply to Bolpat from comment #1) > (In reply to timon.gehr from comment #0) > > Local imports should overload against less deeply nested imports. In this > > example, std.stdio.write and std.file.write should be treated as part of the > > same overload set within readAndLog. Otherwise, there is a hijacking risk. > > ... > > TL;DR: It should be an ambiguity error, nothing else. Yes absolutely. Reading it now, the original report was not phrased very well. std.stdio.write and std.file.write should remain in separate overload sets, but they should overload against each other so that there is an ambiguity error in this case.

Comment #3 by robert.schadek — 2024-12-13T18:53:01Z

THIS ISSUE HAS BEEN MOVED TO GITHUB https://github.com/dlang/dmd/issues/19272 DO NOT COMMENT HERE ANYMORE, NOBODY WILL SEE IT, THIS ISSUE HAS BEEN MOVED TO GITHUB