[MODERATED] test numer 2

[MODERATED] test numer 2

[mark gross]

[$] GMP and assert()
[Security] Posted Feb 27, 2019 21:11 UTC (Wed) by jake

A report of a potential security problem in the GNU Multiple Precision
Arithmetic (GMP) library was met with a mixed reaction, from skepticism to
responses verging on hostility, but the report ultimately raised a question
worth pondering. What role should assertions (i.e. calls to the POSIX assert()
macro) play in error handling? An assertion that fails leads to a process exit,
which may not be what a developer calling into a library expects. Unexpected
behavior is, of course, one step on a path that can lead to security holes.

Full Story (comments: 14)

[MODERATED] Re: test numer 2

[Nelson D'Souza]

[-- Attachment #1: Type: text/plain, Size: 775 bytes --]

NO Spam. Just green eggs and ham.

On 2/28/19 10:22 AM, speck for mark gross wrote:
> [$] GMP and assert()
> [Security] Posted Feb 27, 2019 21:11 UTC (Wed) by jake
> 
> A report of a potential security problem in the GNU Multiple Precision
> Arithmetic (GMP) library was met with a mixed reaction, from skepticism to
> responses verging on hostility, but the report ultimately raised a question
> worth pondering. What role should assertions (i.e. calls to the POSIX assert()
> macro) play in error handling? An assertion that fails leads to a process exit,
> which may not be what a developer calling into a library expects. Unexpected
> behavior is, of course, one step on a path that can lead to security holes.
> 
> Full Story (comments: 14)
> 
> 
>