On Mon, 29 Mar 2010, Daniel Stenberg wrote:
> I don't quite understand that resistance either. As I said > before: this function is not documented clearly to *not* > accept a NULL for a blank passphrase even though it isn't > documented to accept it either. Given that small uncertainty > in API funcionality I think it is quite easy to check against > this specific case. It would seem best to always clarify any points of uncertainty when ever possible. > It is not the same as to say that we always should check all > arguments for junk or whatever. I would not rule this out. Obviously it can be taken to absurd extremes, but a reasonable step to sanitize inputs can be very important. As a library, you can not be sure of the source of the inputs being sent to your library - did the application sanitize them enough or does doing nothing leave open a potential exploit? There has to be a balance somewhere between so sanitizing so insanly it drags everything to a griding halt and just leaving the barn door open and hoping no one notices or cares. - C Johnson _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
