Asserts considered harmful (or GMP spills its sensitive information)

Torbjörn Granlund tg at gmplib.org
Thu Jan 3 21:46:18 UTC 2019


Jeffrey Walton <noloader at gmail.com> writes:

  Here's what I witness on a BananaPi and a couple of other boards. Can
  you provide info on the ARM boards you are using? I have about 8 of
  them for testing, and I may be able to duplicate your [successful]
  result.

Marco and others have told you to read the GMP manual.  People have
explained what you do wrong and it is clear that you know very well why
your CFLAGS messing breaks things.  Yet, you insist on spreading the lie
that GMP "does not build".

  Returning a failure from mpn_sec_powm would be a most welcomed
  improvement.

You have repeated this several times already.

The GMP API is what it is.  If you don't like it, well, we're so sorry.

  It would be a welcomed improvement if GMP does it in
  other places, too. Crashing is least welcomed behavior for many use
  cases, including those where availability and confidentiality are a
  concern.

You have repeated this several times, and people have patiently replied
and explained how to handle this safely.

  Gracefully handling failure serves several purposes. First, returning
  failure is what developers expect to happen.

Really?  Did you talk to them?

  If a program uses a function incorrectly then it is expected to
  fail. Developers are usually good about checking return values at call
  sites.

I have yet to find one program which checks all return values.

  Second, when GMP crashes it is setting a policy for the application.

Any API sets policies.

We've had enough of your nagging and aggressiveness and your threats in
private email.  Your messages to the GMP lists will henceforth be
automatically discarded.

-- 
Torbjörn
Please encrypt, key id 0xC8601622


More information about the gmp-bugs mailing list