| ▲ | timschmidt 5 hours ago | |||||||||||||||||||||||||||||||||||||
The badness cannot be overstated. "Hostile codebase" would be an appropriate label. Much more information available in Giovani Bechis's presentation: https://www.slideshare.net/slideshow/libressl/42162879 If someone meant to engineer a codebase to hide subtle bugs which might be remotely exploitable, leak state, behave unexpectedly at runtime, or all of the above, the code would look like this. | ||||||||||||||||||||||||||||||||||||||
| ▲ | Swizec 5 hours ago | parent | next [-] | |||||||||||||||||||||||||||||||||||||
> If someone meant to engineer a codebase to hide subtle bugs which might be remotely exploitable, leak state, behave unexpectedly at runtime, or all of the above, the code would look like this. I wonder who could possibly be incentivized to make the cryptography package used by most of the worlds computers and communications networks full of subtly exploitable hard to find bugs. Surely everyone would want such a key piece of technology to be air tight and easy to debug But also: surely a technology developed in a highly adversarial environment would be easy to maintain and keep understandable. You definitely would have no reason to play whackamole with random stuff as it arises | ||||||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||||||
| ▲ | rakel_rakel 5 hours ago | parent | prev | next [-] | |||||||||||||||||||||||||||||||||||||
Another great example from tedunangst's excellent presentation "LibreSSL more than 30 days later". https://youtu.be/WFMYeMNCcSY&t=1024 Teaser: "It's like throw a rock, you're gonna hit something... I pointed people in the wrong direction, and they still found a bug". | ||||||||||||||||||||||||||||||||||||||
| ▲ | noname120 4 hours ago | parent | prev | next [-] | |||||||||||||||||||||||||||||||||||||
I expected much worse to be honest. Vim’s inline #ifdef hell is on a whole other level. Look at this nightmare to convince yourself: https://geoff.greer.fm/vim/#realwaitforchar | ||||||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||||||
| ▲ | oefrha 5 hours ago | parent | prev [-] | |||||||||||||||||||||||||||||||||||||
See also The State of OpenSSL for pyca/cryptography https://cryptography.io/en/latest/statements/state-of-openss... Recently discussed: https://news.ycombinator.com/item?id=46624352 > Finally, taking an OpenSSL public API and attempting to trace the implementation to see how it is implemented has become an exercise in self-flagellation. Being able to read the source to understand how something works is important both as part of self-improvement in software engineering, but also because as sophisticated consumers there are inevitably things about how an implementation works that aren’t documented, and reading the source gives you ground truth. The number of indirect calls, optional paths, #ifdef, and other obstacles to comprehension is astounding. We cannot overstate the extent to which just reading the OpenSSL source code has become miserable — in a way that both wasn’t true previously, and isn’t true in LibreSSL, BoringSSL, or AWS-LC. Also, > OpenSSL’s CI is exceptionally flaky, and the OpenSSL project has grown to tolerate this flakiness, which masks serious bugs. OpenSSL 3.0.4 contained a critical buffer overflow in the RSA implementation on AVX-512-capable CPUs. This bug was actually caught by CI — but because the crash only occurred when the CI runner happened to have an AVX-512 CPU (not all did), the failures were apparently dismissed as flakiness. Three years later, the project still merges code with failing tests: the day we prepared our conference slides, five of ten recent commits had failing CI checks, and the day before we delivered the talk, every single commit had failing cross-compilation builds. Even bugs caught by CI get ignored and end up in releases. | ||||||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||||||