Ingo Schwarze <schwa...@usta.de> wrote: > Hi, > > Theo de Raadt wrote on Thu, Jun 11, 2020 at 10:12:47AM -0600: > > Romero Perez, Abel <romeropereza...@gmail.com> wrote: > > >> I suggest only to have a look into better measures of security by > >> researching optimization flags, to find an equilibrium of optimization > >> and security. > > > Romero, that is bullshit. > > However, there is something i ought to do to make such bugs less > likely: Remove the last vestigial type-unsafe pointer handling. > That was designed a decade ago with an excessive focus on flexibility > when the scope of the program was not yet clear. A typical example > of over-abstraction. When you don't know yet how general your code > might need to be, write specific code first. If it turns out > additional situations need to be handled, consider generalizing it > (and again, don't go overboard). Never invent abstractions "because > just in case". > > If we would need many dozens of different output formats, and people > would want to plug in new ones at run time or something crazy like > that, the abstraction implemented with these void pointers might > have a point. But now that we know that less than a dozen output > formats are really needed, and that they are all very stable, there > are very likely ways to improve this code, making it more robust > and less error-prone.
No way Ingo, you should be carefully use the compiler -O option!!!!! It is the way to security, expert Romero has spoken!
