Re: [SystemSafety] OpenSSL Bug

From: Messer Robin < >
Date: Mon, 14 Apr 2014 14:21:48 +0000


In my experience the best thing to do about runtime checks is to prove, statically, using automated tools, that they will never be raised.

-----Original Message-----
Sent: 14 April 2014 15:15
To: systemsafety_at_xxxxxx Subject: Re: [SystemSafety] OpenSSL Bug

<snip>

There is also the issue of what to do about runtime checks. Code is surprisingly robust in the presence of minor infringements, it works as intended. But if runtime checking is on an error gets raise. Having an error raised can cause more problems than ignoring the problem (the safety people on this list will know a lot more about this issue than me).

<snip>



The System Safety Mailing List
systemsafety_at_xxxxxx Received on Mon Apr 14 2014 - 16:23:44 CEST

This archive was generated by hypermail 2.3.0 : Tue Apr 23 2019 - 06:17:06 CEST