On Mon, 29 Mar 2010, libssh2 Trac wrote:
Comment(by alamaison):
I've got to say I would find it very strange to revert a fix that makes
using our library ''safer''. Ideally, it should never be possible to crash
no matter what inputs a component receives.
-1 for reverting.
I don't quite understand that resistance either. As I said before: this
function is not documented clearly to *not* accept a NULL for a blank
passphrase even though it isn't documented to accept it either. Given that
small uncertainty in API funcionality I think it is quite easy to check
against this specific case.
It is not the same as to say that we always should check all arguments for
junk or whatever.
--
/ daniel.haxx.se
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
