|
On 7/30/2018 11:12 AM, Michael Wojcik
wrote:
As for Jordan's objection: If you don't know the source of your "leaks", then I can't say I'm particularly impressed with a zero-"leak" policy. That amounts to "let's burn a lot of cycles during process termination, rather than understand what we're doing". *Fully* understanding the implications of a bug can be quite difficult. Often it is much easier to observe that there is a clear bug, fix it, and move along. Are there cases where this particular leak is a problem? Just because the developer can't think of any doesn't mean that there are none. Is it better to spend developer effort proving that a particular leak is harmless, or fixing it? And that doesn't consider the cost to the *next* developer, who runs a leak test, finds a dozen leaks, and then needs to research each one to be sure that it isn't a result of their change. -- Jordan Brown, Oracle Solaris |
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
