Date: Wed, 26 Jan 2022 12:19:22 -0500
On 1/26/22 7:38 AM, Aaron Ballman wrote:
> On Wed, Jan 26, 2022 at 1:51 AM Reini Urban via SG16
> <sg16_at_[hidden]> wrote:
>>
>> On Tue, Jan 25, 2022 at 7:38 PM Jens Maurer via SG16 <sg16_at_[hidden]> wrote:
>>> On 25/01/2022 17.13, Tom Honermann via SG16 wrote:
>>>> On 1/25/22 3:13 AM, Corentin Jabot via SG16 wrote:
>>>> The standard could (I think) also provide normative encouragement to implementors to emit a diagnostic for identifiers that are not in line with TR39 guidance. I'm not sure if we already have examples of encouragement for additional diagnostics elsewhere.
>>> I'm not sure SG16 is the right place to discuss such fundamental matters.
>>>
>>> For example, some people like to compile their code with -Werror, and
>>> thus a recommended warning that they cannot possibly avoid (because e.g.
>>> it is inevitably caused by a third-party library) is indistinguishable
>>> from "ill-formed" for them.
>>
>> true. but it's still a security issue, not just a style issue. security concerns should be handled upfront, else they leak in.
>> esp. potential insecure third-party libraries.
> This suggests the paper also needs to be seen by the SG12 study group
> on undefined behavior and vulnerabilities (likely with SG16 experts in
> the room to help answer questions).
>
> ~Aaron
We have a new SSRG group that is focused on security issues. I'll post a
message to the public SSRG mailing list
<https://lists.isocpp.org/mailman/listinfo.cgi/ssrg> (copying the
author) for additional followup and discussion of the security aspects
and ramifications.
Tom.
Received on 2022-01-26 17:19:24