[webkit-dev] Please start using RELEASE_ASSERT_WITH_SECURITY_IMPLICATION()
David Kilzer
ddkilzer at webkit.org
Tue Oct 17 09:54:08 PDT 2017
Hello,
TL;DR: Please start using RELEASE_ASSERT_WITH_SECURITY_IMPLICATION() in place of ASSERT_WITH_SECURITY_IMPLICATION() for new/updated code.
It turns out that having some of these debug asserts enabled in release builds would have prevented security issues, so we’re going through and changing the ones that won’t impact performance immediately, and we will eliminate the rest of the debug asserts over time. (Changing them all at once would incur too many performance regressions.)
I’ve also added a webkit-style-checker check to warn when using ASSERT_WITH_SECURITY_IMPLICATION() to deter new instances of the debug macro.
For reference:
Bug 178269: Add RELEASE_ASSERT_WITH_SECURITY_IMPLICATION() macro
<https://bugs.webkit.org/show_bug.cgi?id=178269 <https://bugs.webkit.org/show_bug.cgi?id=178269>>
<https://trac.webkit.org/changeset/223421 <https://trac.webkit.org/changeset/223421>>
Dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20171017/ab59f4a0/attachment.html>
More information about the webkit-dev
mailing list