Hi Everyone,

CVE-2016-7420 caused us to cut-in CRYPTOPP_ASSERT a little earlier than 
expected. <trap.h> and CRYPTOPP_ASSERT have existed in Master for over a 
year. We set up a dev-branch called 'trap' to isolate the cut-in during 

The cut-over to CRYPTOPP_ASSERT occurred at 
. It tested OK under modern versions of Clang, CGG, Solaris and Visual 

The defining factor of CRYPTOPP_ASSERT is it abandons Posix NDEBUG, which 
we used to rely upon to remove asserts. We switched strategies, and now we 
enable CRYPTOPP_ASSERT if any the following are defined: CRYPTOPP_DEBUG, 
DEBUG, _DEBUG. This strategy side steps bad release/production 
configurations due to policy (Debian never defines NDEBUG) and 
errors/omissions (users or Autotools or CMake or Eclipse <other build 
system> fails to define NDEBUG).

CRYPTOPP_ASSERT also adds a nice feature: it raises SIGTRAP rather than 
SIGABRT. SIGABRT will snap the debugger, if present. And it won't follow 
Posix's idiotic footsteps and crash the program with a SIGABRT while a 
developer is debugging it.

The last two, DEBUG and _DEBUG, are set in Visual Studio projects by 
Microsoft; and they cause CRYPTOPP_DEBUG to be set automatically. BSD, 
Linux, Solaris and Unix user will have to -DCRYPTOPP_DEBUG=1 or uncomment 
CRYPTOPP_DEBUG in config.h.

If all goes well with testing, then we will merge Trap dev-branch into 
Master this weekend or early next week. Our test script takes two or three 
days to run on IoT gadets like BeableBoards and CubieTrucks, so the 
earliest we can merge will be late Saturday or Sunday.


You received this message because you are subscribed to the "Crypto++ Users" 
Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscr...@googlegroups.com.
More information about Crypto++ and this group is available at 
You received this message because you are subscribed to the Google Groups 
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cryptopp-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to