[PATCH 1/3] tests: Cast to void to suppress warnings about unused variables
Collin Funk
collin.funk1 at gmail.com
Sat Jan 31 20:21:03 CET 2026
Jeffrey Walton via Gnupg-devel <gnupg-devel at gnupg.org> writes:
> On Sat, Jan 31, 2026 at 8:36 AM Werner Koch via Gnupg-devel <
> gnupg-devel at gnupg.org> wrote:
>
>> On Sat, 31 Jan 2026 01:26, Rudi Heitbaum said:
>> > Address compiler warning when variable is unused because it’s used
>> > only in assert.
>>
>> Anyone who defines NDEBUG does not known what s/he does. An assert is
>> there for a reason. It is plain stupid to use an assert but disable it
>> for production.
>
>
> Asserts are a debugging and diagnostic tool. Confer, <
> https://pubs.opengroup.org/onlinepubs/9699919799/functions/assert.html>.
> Asserts should not be enabled in production software.
I generally agree, but there is some benefit to having a program crash
instead of continuing in an undefined state.
> If an assert triggers, it usually causes a program to crash. Sensitive
> data can leave the app's security boundary and be egressed through the
> crash dump or report. Companies like Apple, Canonical, Google and
> Microsoft could have access to the sensitive data.
>
> I've even seen asserts used in BitCoin wallets, and the crash reports
> uploaded to Microsoft App Center Diagnostics. The private keys for the
> wallets were burned!
>
> I've never seen a project document that private keys and shared secrets
> should be rotated after a program crashes due to an assert.
Yeah, that is bad.
Collin
More information about the Gnupg-devel
mailing list