On Saturday, September 17, 2016 at 11:13:10 PM UTC-4, Mouse wrote:
> On Sep 17, 2016, at 19:30 , Jeffrey Walton <nolo...@gmail.com 
> <javascript:>> wrote:
> Hi Everyone,
> CVE-2016-7420 has me questioning some of the wisdom in config.recommend 
> and config.h.
> Me too. :-)
> config.recommend removes undefined behavior, but it requires user to do 
> something special. I believe most users don't need the compatibility 
> provided in config.h. Failure to use config.recommend is a replay of not 
> defining NDEBUG for production/release builds when using other tools, like 
> Autotools, CMake, Eclipse, Xcode, etc.
> In other words, that’s what everybody should be using, unless there are 
> very good reasons not to.
> If RTFM was going to work, it would have happened by now. 
> You cannot possibly believe in RTFM? :-) 
> *Nobody* R TFM, y’know… :)
> Making users do something special to get into a good configuration also 
> violates Peter Gutmann's "Defend, Don't Ask"* rule. As a consequence, I'd 
> like to move config.h to config.compat; and move config.recommend to 
> config.h.
> Any thoughts or objections?
> I say - good move, and about time!

OK, good. It was well tested before the cut-in, so we did not need extra 
testing. We also were able to remove the annoying warning message in 

Using the improved cofig.h will simplify a lot of ARM testing because ARM 
crashes like i686/x86_64 used to. Unlike x86 which crashed on larger words, 
like 64-bit and 128-bit, ARM will crash on 32-bit words if they are sent to 
the NEON coprocessor.

Committed at 


You received this message because you are subscribed to the "Crypto++ Users" 
Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscr...@googlegroups.com.
More information about Crypto++ and this group is available at 
You received this message because you are subscribed to the Google Groups 
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cryptopp-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to