In this case, though, it's an application that explicitely calls an aborting function. No subterfuge at all there, so if you wanted to complain, this is a particularly bad example.
We do use OPENSSL_assert() in some places, to check *internal* state. When internal state is incorrect, it's not something that should keep running. The aim is, of course, that such errors will be caught by our tests. Cheers, Richard In message <rt-4.0.19-1914-1458351678-1225.4451-...@openssl.org> on Sat, 19 Mar 2016 01:41:18 +0000, "noloa...@gmail.com via RT" <r...@openssl.org> said: rt> This might be a philosophical difference, but: rt> rt> $ test/aborttest rt> test/aborttest.c:15: OpenSSL internal error: Voluntary abort rt> Abort trap rt> rt> I don't believe its the library's place to shutdown an application. rt> Libraries don't make policy decisions for applications. rt> rt> I think in this case, the library should refuse to process data and rt> always return a failure. Similar to latching a power-up self test rt> failure for the FIPS gear. rt> rt> Crashing the application will make OpenSSL powered apps no better than rt> BIND, which constantly DoS'es itself. Cf., rt> http://www.google.com/search?q=bind+assert+cve. rt> rt> Jeff rt> rt> On Fri, Mar 18, 2016 at 8:56 PM, Richard Levitte via RT <r...@openssl.org> wrote: rt> > This is a non issue, the test comes through ok as expected. The printout is a rt> > bit ugly, sure, but... rt> > rt> > And I'd love if someone could figure out a good way not to have that output. My rt> > attempts failed miserably... rt> > rt> > Vid Sat, 19 Mar 2016 kl. 00.47.40, skrev noloa...@gmail.com: rt> >> Working from Master at a6adf099cbd7c3bc... rt> >> rt> >> $ KERNEL_BITS=64 ./config && make depend && make clean && make -j 4 rt> >> ... rt> >> ... rt> >> OPENSSL_ENGINES=.././engines \ rt> >> /opt/local/bin//perl5 .././test/run_tests.pl ) rt> >> ../test/recipes/01-test_abort.t ........... sh: line 1: 71522 Abort rt> >> trap: 6 ../util/shlib_wrap.sh ./aborttest 2> /dev/null rt> >> ../test/recipes/01-test_abort.t ........... ok rt> >> ../test/recipes/01-test_ordinals.t ........ ok rt> >> ... rt> rt> rt> -- rt> Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4451 rt> Please log in as guest with password guest if prompted rt> rt> -- rt> openssl-dev mailing list rt> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev rt> -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4451 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
