On 01.06.2017 14:25, Paolo Invernizzi wrote:
I can detail exactly what happened in my code -- I am accepting dates
from a given week from a web request. One of the dates fell outside
the week, and so tried to access a 7 element array with index 9.
Nothing corrupted memory, but the runtime corrupted my entire process,
forcing a shutdown.
And that's a good thing! The input should be validated, especially
because we are talking about a web request.
See it like being kind with the other side of the connection, informing
it with a clear "rejected as the date is invalid".
:-)
You seem to not understand what happened. There was a single server
serving multiple different web pages. There was an out-of-bounds error
due to a single user inserting invalid data into a single form with
missing data validation. The web server went down, killing all pages for
all users.
There is no question that input data should be validated, but if it
isn't, the response should be proportional. It's enough to kill the
request, log the exception , notify the developer, and maybe even
disable the specific web page.
