Tim Ruehsen <tim.ruehsen@gmx.de> writes:
just experienced a crash (assertion) when using md5 on short input.
test: md5.c:81: nettle_md5_digest: Assertion `length <= 16' failed.
The code is
  struct md5_ctx md5;
  md5_init(&md5);
  md5_update(&md5, 4, "moin");
  md5_digest(&md5, 20, digest);
                   ^^
The problem isn't the *input* length, but the output length. The length argument for md5_digest can be at most MD5_DIGEST_SIZE, i.e., 16.
Is it reasonable to open a Debian bug suggesting to use -DNDEBUG ?
IMO, no.
Asserts in nettle are triggered when bugs in nettle or in the application violate necessary assumptions required for correct operation. In most cases, an immediate crash is preferable to follow-on problems such as data corruption or invalid memory accesses. Right, I know there are some exceptional production systems (e.g., the Ariadne rocket...) where it *might* be preferable to ignore problems and hope for the best, and I also know there are different opinions. But my view is that in general, it makes sense to keep asserts also in production code.
Best regards, /Niels
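
An added illustration of the follow-on problem discussed in the message above (not code from the thread or from nettle): with the length check compiled out, a 20-byte request against a 16-byte digest copies 4 bytes of adjacent context memory into the caller's buffer. `toy_ctx`, `toy_digest`, `toy_digest_unchecked` and the marker byte values are hypothetical stand-ins, and the context layout is an assumption chosen for the demonstration.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TOY_DIGEST_SIZE 16

/* Hypothetical stand-in for a hash context (not nettle's struct md5_ctx):
   16 bytes of digest state followed by unrelated internal data. */
struct toy_ctx { uint8_t state[TOY_DIGEST_SIZE]; uint8_t internal[4]; };

/* Constructed marker values, not real MD5 output. */
static void toy_init(struct toy_ctx *ctx) {
  memset(ctx->state, 0xAA, sizeof ctx->state);
  memset(ctx->internal, 0x5C, sizeof ctx->internal);
}

/* The digest routine as it behaves once the length check is compiled
   out (e.g. with -DNDEBUG): it copies whatever length was requested. */
static void toy_digest_unchecked(const struct toy_ctx *ctx, size_t length,
                                 uint8_t *out) {
  memcpy(out, (const uint8_t *)ctx, length);
}

/* The same routine with the precondition kept: a bad length aborts. */
static void toy_digest(const struct toy_ctx *ctx, size_t length, uint8_t *out) {
  assert(length <= TOY_DIGEST_SIZE);
  toy_digest_unchecked(ctx, length, out);
}

/* Counts output bytes that did not come from the digest state. */
size_t leaked_bytes(size_t length) {
  struct toy_ctx ctx;
  uint8_t out[sizeof ctx];
  size_t i, n = 0;
  if (length > sizeof out) return (size_t)-1;
  toy_init(&ctx);
  toy_digest_unchecked(&ctx, length, out);
  for (i = 0; i < length; i++) n += (out[i] != 0xAA);
  return n;
}

int main(void) {
  struct toy_ctx ctx;
  uint8_t digest[TOY_DIGEST_SIZE];
  toy_init(&ctx);
  toy_digest(&ctx, sizeof digest, digest); /* valid request: 16 <= 16 */
  printf("16: %zu, 20: %zu\n", leaked_bytes(16), leaked_bytes(20));
  return 0;
}
```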