* [MODERATED] test numer 2
@ 2019-02-28 18:22 mark gross
2019-03-01 1:20 ` [MODERATED] " Nelson D'Souza
0 siblings, 1 reply; 2+ messages in thread
From: mark gross @ 2019-02-28 18:22 UTC (permalink / raw)
To: speck
[$] GMP and assert()
[Security] Posted Feb 27, 2019 21:11 UTC (Wed) by jake
A report of a potential security problem in the GNU Multiple Precision
Arithmetic (GMP) library was met with a mixed reaction, from skepticism to
responses verging on hostility, but the report ultimately raised a question
worth pondering. What role should assertions (i.e. calls to the POSIX assert()
macro) play in error handling? An assertion that fails leads to a process exit,
which may not be what a developer calling into a library expects. Unexpected
behavior is, of course, one step on a path that can lead to security holes.
Full Story (comments: 14)
^ permalink raw reply [flat|nested] 2+ messages in thread
* [MODERATED] Re: test numer 2
2019-02-28 18:22 [MODERATED] test numer 2 mark gross
@ 2019-03-01 1:20 ` Nelson D'Souza
0 siblings, 0 replies; 2+ messages in thread
From: Nelson D'Souza @ 2019-03-01 1:20 UTC (permalink / raw)
To: speck
[-- Attachment #1: Type: text/plain, Size: 775 bytes --]
NO Spam. Just green eggs and ham.
On 2/28/19 10:22 AM, speck for mark gross wrote:
> [$] GMP and assert()
> [Security] Posted Feb 27, 2019 21:11 UTC (Wed) by jake
>
> A report of a potential security problem in the GNU Multiple Precision
> Arithmetic (GMP) library was met with a mixed reaction, from skepticism to
> responses verging on hostility, but the report ultimately raised a question
> worth pondering. What role should assertions (i.e. calls to the POSIX assert()
> macro) play in error handling? An assertion that fails leads to a process exit,
> which may not be what a developer calling into a library expects. Unexpected
> behavior is, of course, one step on a path that can lead to security holes.
>
> Full Story (comments: 14)
>
>
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-03-01 1:11 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-02-28 18:22 [MODERATED] test numer 2 mark gross
2019-03-01 1:20 ` [MODERATED] " Nelson D'Souza
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).