In message <cah8yc8kgypm0q8bu6tdzem9+_3_casfzp1dumjrzfzvfx1_...@mail.gmail.com> on Sat, 19 Mar 2016 21:11:03 -0400, Jeffrey Walton <noloa...@gmail.com> said:
noloader> > Point is, if any of the assertions are triggered into faulting,
noloader> > there's a bug in the library and it shouldn't get released. That's
noloader> > the whole point. The tests are supposed to catch those and basically
noloader> > raise a big red flag.
noloader> >
noloader> > Are you telling me that according to Apple's App Store policies,
noloader> > assertions must not be used?
noloader>
noloader> I don't know what Apple's policies are with respect to assert. But
noloader> Posix assert calls abort, and the abort is a violation of Apple
noloader> submission policies.

Ok, good to know.

noloader> The project should probably disgorge the debugging and diagnostics
noloader> (asserts) from the data egress (abort, crash dumps and error reports).
noloader> Then you can use asserts and not worry about data security violations.
noloader> I'm aware of some projects that do it, like OWASP
noloader> (http://www.owasp.org/index.php?title=C-Based_Toolchain_Hardening&setlang=es#ASSERT)
noloader> and Crypto++ (http://github.com/weidai11/cryptopp/blob/master/trap.h).

I'm listening, and that Crypto++ file answered a question I meant to
ask (how to do the SIGTRAP thing on Windows).

noloader> I tried to find the pedigree of Posix's "let's crash a program while
noloader> it's being debugged" philosophy a few years ago. I could not find it.

It may have been as simple as SIGTRAP not existing everywhere, while
the abort() call was simple to implement in diverse ways on different
platforms (my old UNIX programmer's manual from Bell Labs tells me it
uses the IOT instruction on PDP11...).

So I'd say the answer lies in the deeper recesses of history

--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
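
The separation discussed in this message (assert diagnostics kept apart from abort() and the crash reports it produces) can be sketched for POSIX systems as below. This is an added example, not code from OpenSSL, OWASP or Crypto++; `TRAP_ASSERT`, `install_trap_handler`, `copy_label` and the sample strings are hypothetical names and constructed inputs.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for sigaction() */
#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>

static volatile sig_atomic_t trap_count = 0;

/* Outside a debugger the default SIGTRAP action kills the process, so
 * record the trap and return. A debugger is told about the signal
 * before this handler runs, so it still stops at the failing line. */
static void on_sigtrap(int sig) { (void)sig; trap_count++; }

static int install_trap_handler(void) {
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_sigtrap;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGTRAP, &sa, NULL);
}

/* Diagnostic only: report and trap, never abort(). Compiled out by NDEBUG. */
#ifdef NDEBUG
# define TRAP_ASSERT(cond) ((void)0)
#else
# define TRAP_ASSERT(cond) do { if (!(cond)) { \
    fprintf(stderr, "Assertion failed: %s (%s:%d)\n", #cond, __FILE__, __LINE__); \
    raise(SIGTRAP); } } while (0)
#endif

/* Hypothetical library routine: the assert flags the bug for developers,
 * the explicit check is what protects release builds. */
static int copy_label(char *dst, size_t dstlen, const char *src) {
    TRAP_ASSERT(dst != NULL && src != NULL);
    if (dst == NULL || src == NULL) return -1;
    size_t n = strlen(src);
    TRAP_ASSERT(n < dstlen);
    if (n >= dstlen) return -1;
    memcpy(dst, src, n + 1);
    return 0;
}

int main(void) {
    char buf[8];
    if (install_trap_handler() != 0) return 1;
    int ok = copy_label(buf, sizeof buf, "short");           /* constructed input */
    int bad = copy_label(buf, sizeof buf, "much too long");  /* constructed input */
    printf("ok=%d bad=%d traps=%d\n", ok, bad, (int)trap_count);
    return 0;
}
```

A failed `TRAP_ASSERT` leaves the process running and produces no core dump or crash report; the error return that follows it is what the caller relies on.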