pelletier/go-toml

Remove unsafe

Opened this issue · 2 comments

I count over a dozen lines which make use of https://pkg.go.dev/unsafe. This seems very odd for a TOML library. There should not be any need to do any unsafe pointer arithmetic to encode or decode TOML. Even if it makes the code a little bit easier to write or a little bit faster in some benchmarks, it also opens the possibility for all sorts of memory safety bugs, meaning that one could end up with a CVE just from decoding a bit of TOML with Go, a language that is otherwise memory safe :)

I'm happy to help remove unsafe, but I wanted to ask first. Note that the Go standard library, as well as popular third-party encoding libraries like protobuf, avoid the use of unsafe as well.

Had a reply from @pelletier on Slack: basically this was for performance. He's happy with removing unsafe as long as the performance doesn't drop significantly, or perhaps if we can mostly offset it with some speedups elsewhere.

Pinning this issue for visibility if anyone feels inclined to do it!
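
As an added example (not code from go-toml or from anyone in this thread), one way to reproduce a count like the one in the opening post is to walk the Go syntax tree instead of grepping for the word. `UnsafeUses` and the sample source are constructed for illustration; the check is syntactic, so an identifier that shadows the import alias is reported too.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
)
// sample is constructed input, not go-toml code; line 5 only has "unsafe" in a string.
const sample = `package demo
import u "unsafe"
func str(b []byte) string { return *(*string)(u.Pointer(&b)) }
var wordSize = u.Sizeof(uintptr(0))
var n = len("unsafe")
`

// UnsafeUses maps each line that imports or references package unsafe to what it uses.
func UnsafeUses(src string) (map[int][]string, error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, "input.go", src, 0)
	if err != nil {
		return nil, err
	}
	names, uses := map[string]bool{}, map[int][]string{}
	record := func(p token.Pos, what string) {
		line := fset.Position(p).Line
		uses[line] = append(uses[line], what)
	}
	for _, imp := range f.Imports {
		if imp.Path.Value == `"unsafe"` {
			name := "unsafe" // local name, unless the import is aliased
			if imp.Name != nil {
				name = imp.Name.Name
			}
			names[name] = true
			record(imp.Pos(), "import")
		}
	}
	ast.Inspect(f, func(n ast.Node) bool {
		if sel, ok := n.(*ast.SelectorExpr); ok {
			if id, ok := sel.X.(*ast.Ident); ok && names[id.Name] {
				record(sel.Pos(), sel.Sel.Name)
			}
		}
		return true
	})
	return uses, nil
}

func main() { fmt.Println(UnsafeUses(sample)) }
```

Run over each file of a module, the `Pointer` entries are the ones to review first; `Sizeof`, `Alignof` and `Offsetof` are compile-time constants and do not by themselves bypass memory safety.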