It's mostly a question of how far you're willing to go to keep the scripts in a sandbox, i.e. do you trust the script writers to properly test the scripts and not willfully attempt to sabotage the application?
Just to put things in perspective, here's an example where an unsafe reference could possibly cause a crash:
array<int> arr = {1,2,3};
int DoSomething(int& refToInt)
{
// Resize the global array, which will deallocate the
// old internal buffer that our reference points to
arr.resize(100);
// Do some more stuff
// Change the value of the refToInt
refToInt = 42; /// <--- Oops, the reference is no longer pointing to the array element
}
void main()
{
// Call the function with a reference to one of the elements in the array
DoSomething(arr[0]);
}
Depending on exactly what was allocated on the heap where the array was originally allocated, the update that is made to the reference may be harmless, corrupt the heap, or overwrite some other pointer, etc.
Without unsafe references, the compiler guarantees that an error like this cannot be made (willfully or not).
Regards,
Andreas
