On 03/05/21 22:17 +0200, François Dumont via Libstdc++ wrote:
Is it too early to consider this patch ? Or just lack of time ?
I haven't had time to review it yet, but my general feeling hasn't changed. I still don't like the idea of executing additional code after undefined behaviour is detected. I've been convinced by glibc folk that every bit of code run when the program state is corrupt increases the risk that it can be exploited by an attacker.
