In message <20180809162245.gd14...@straasha.imrryr.org> on Thu, 9 Aug 2018 12:22:45 -0400, Viktor Dukhovni <openssl-us...@dukhovni.org> said:

openssl-users> It needs to be possible to recompile and run without auditing code.
openssl-users> The worst kind of incompatibilities are those that are not reported
openssl-users> by the compiler, and are only found at runtime, possibly under unusual
openssl-users> conditions.

So in this particular case, such as unchecked calls of sk_ functions, including sk_TYPE_new(), just to discover later that "oops, the elements we thought we inserted aren't there"? ;-)

Either way, sk == NULL will not be reported by the compiler, will only be found at runtime, possibly under unusual conditions. The only difference is exactly how the user gets to find out at runtime; 1) mysterious failures because the stack that should contain n elements is really empty and unfillable, or 2) an immediate crash.

Either way, the application authors will have to learn to check their stack pointers. The real difference is how much they will have to scratch their heads to figure out what went wrong.

Cheers,
Richard

--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/

_______________________________________________
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project
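The two failure modes Richard contrasts, shown as an added example that is not part of the thread and is not OpenSSL's code: a toy stack (`toy_sk_*`, an assumed stand-in for the `sk_TYPE_*` style of API) whose push is NULL-tolerant and simply reports failure. `build_unchecked` ignores every return value and ends up with a stack that "should contain n elements" but is empty, while `build_checked` tests the pointer from `toy_sk_new()` and each push result and stops at the first failure.

```c
#include <stdio.h>
#include <stdlib.h>

/* Toy stack modelled loosely on the sk_TYPE_* style (assumption: not OpenSSL's code). */
typedef struct {
    void **data;
    int num;
    int cap;
} toy_stack;

/* fail_alloc simulates an allocation failure so both code paths can be exercised. */
toy_stack *toy_sk_new(int fail_alloc)
{
    if (fail_alloc)
        return NULL;
    toy_stack *sk = calloc(1, sizeof *sk);
    if (sk == NULL)
        return NULL;
    sk->cap = 4;
    sk->data = calloc((size_t)sk->cap, sizeof *sk->data);
    if (sk->data == NULL) {
        free(sk);
        return NULL;
    }
    return sk;
}

void toy_sk_free(toy_stack *sk)
{
    if (sk != NULL) {
        free(sk->data);
        free(sk);
    }
}

/* NULL-tolerant push: returns the new element count, or 0 on failure. */
int toy_sk_push(toy_stack *sk, void *p)
{
    if (sk == NULL)
        return 0;                      /* silently refuses instead of crashing */
    if (sk->num == sk->cap) {
        void **grown = realloc(sk->data, (size_t)sk->cap * 2 * sizeof *grown);
        if (grown == NULL)
            return 0;
        sk->data = grown;
        sk->cap *= 2;
    }
    sk->data[sk->num++] = p;
    return sk->num;
}

/* NULL-tolerant count: -1 for a missing stack (toy convention, an assumption). */
int toy_sk_num(const toy_stack *sk)
{
    return sk == NULL ? -1 : sk->num;
}

static const char *items[] = { "a", "b", "c" };
#define NITEMS 3

/* Failure mode 1: nothing is checked; the caller only notices much later
 * that the stack it filled is "really empty and unfillable". */
int build_unchecked(int fail_alloc)
{
    toy_stack *sk = toy_sk_new(fail_alloc);      /* may be NULL, never tested */
    for (int i = 0; i < NITEMS; i++)
        toy_sk_push(sk, (void *)items[i]);       /* return value ignored */
    int n = toy_sk_num(sk);                      /* 3 normally, -1 on failure */
    toy_sk_free(sk);
    return n;
}

/* Checked pattern: every pointer and push result is examined at the point of
 * use, so the error surfaces immediately. Returns the element count, or 0
 * after reporting the failure. */
int build_checked(int fail_alloc)
{
    toy_stack *sk = toy_sk_new(fail_alloc);
    if (sk == NULL) {
        fprintf(stderr, "toy_sk_new failed\n");
        return 0;
    }
    for (int i = 0; i < NITEMS; i++) {
        if (toy_sk_push(sk, (void *)items[i]) == 0) {
            fprintf(stderr, "toy_sk_push failed at element %d\n", i);
            toy_sk_free(sk);
            return 0;
        }
    }
    int n = toy_sk_num(sk);
    toy_sk_free(sk);
    return n;
}

int main(void)
{
    printf("unchecked, alloc ok:   %d\n", build_unchecked(0));
    printf("unchecked, alloc fail: %d\n", build_unchecked(1));
    printf("checked, alloc ok:     %d\n", build_checked(0));
    printf("checked, alloc fail:   %d\n", build_checked(1));
    return 0;
}
```

Swapping the `if (sk == NULL) return 0;` in `toy_sk_push` for an unconditional dereference gives failure mode 2, the immediate crash; either way the only code that behaves sensibly under allocation failure is the one that checks its stack pointer.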