[openssl-dev] OS X 10.8, x86_64: 01-test_abort.t... sh: line 1: 71522 Abort trap: 6

Jeffrey Walton noloader at gmail.com
Sun Mar 20 01:11:03 UTC 2016


> Point is, if any of the assertions are triggered into faulting,
> there's a bug in the library and it shouldn't get released.  That's
> the whole point.  The tests are supposed to catch those and basically
> raise a big red flag.
>
> Are you telling me that according to Apple's App Store policies,
> assertions must not be used?

I don't know what Apple's policies are with respect to assert. But
Posix assert calls abort, and the abort is a violation of Apple
submission policies.

More generally, assertions are a diagnostic and debugging feature.
They have no place in production/release. In production, the time for
debugging is over.

The project should probably disgorge the debugging and diagnostics
(asserts) from the data egress (abort, crash dumps and error reports).
Then you can use asserts and not worry about data security violations.
I'm aware of some projects that do it, like OWASP
(http://www.owasp.org/index.php?title=C-Based_Toolchain_Hardening&setlang=es#ASSERT)
and Crypto++ (http://github.com/weidai11/cryptopp/blob/master/trap.h).

For what it's worth, I adore asserts. They create self debugging
programs. I love self debugging programs because I have better things
to do with my time than wielding a debugger and stepping code.

I tried to find the pedigree of Posix's "let's crash a program while
it's being debugged" philosophy a few years ago. I could not find it.
No one could remember where it came from or why it was there. I asked
on comp.lang.c because I could not find a relevant posix usenet group.
I can try and find a citation, if needed.

Jeff
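
One way to keep asserts apart from abort, as discussed in the message above. This is an added sketch, not part of the original message and not code from OpenSSL, OWASP or Crypto++; it assumes SIGTRAP is the chosen debugger hook, and the names DIAG_ASSERT, diag_fail and checked_copy are hypothetical.

```c
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

static unsigned diag_count;               /* failed diagnostics so far */

static void trap_handler(int sig) { (void)sig; }

/* Report a failed diagnostic and stop in the debugger if one is attached.
 * Without a debugger the handler absorbs SIGTRAP and execution continues,
 * so nothing reaches abort() and no core dump or crash report is written. */
static void diag_fail(const char *expr, const char *file, int line)
{
    fprintf(stderr, "Assertion failed: %s (%s:%d)\n", expr, file, line);
    diag_count++;
    signal(SIGTRAP, trap_handler);  /* re-armed each time: signal() may reset */
    raise(SIGTRAP);
}

#ifdef NDEBUG
# define DIAG_ASSERT(e) ((void)0)          /* release: compiled out */
#else
# define DIAG_ASSERT(e) ((e) ? (void)0 : diag_fail(#e, __FILE__, __LINE__))
#endif

/* The assert flags the caller's bug during development; the if statement is
 * the real validation and is what still runs in a release build. */
int checked_copy(unsigned char *dst, size_t dstlen,
                 const unsigned char *src, size_t srclen)
{
    DIAG_ASSERT(dst != NULL && src != NULL);
    DIAG_ASSERT(srclen <= dstlen);
    if (dst == NULL || src == NULL || srclen > dstlen)
        return -1;
    memcpy(dst, src, srclen);
    return 0;
}

unsigned diag_failures(void) { return diag_count; }

int main(void)
{
    unsigned char buf[4];
    int rc = checked_copy(buf, sizeof buf, (const unsigned char *)"toolong", 7);
    printf("rc=%d, diagnostics=%u\n", rc, diag_failures());
    return rc == -1 ? 0 : 1;
}
```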

