Comment by chlorion
2 days ago
So out of bounds access leading to data loss and possible security vulnerability is better than crashing the kernel? That doesn't make sense to me.
2 days ago
So out of bounds access leading to data loss and possible security vulnerability is better than crashing the kernel? That doesn't make sense to me.
One of those things might take your server/application/data out. The other is guaranteed.
One of those things might allow an attacker to get access to data they should not have access to or to run arbitrary code on your server. The other does not.
For many use cases, blowing up loudly is strongly preferable to silently doing the wrong thing. Especially in the presence of hostile actors, who are trying to use your out-of-bounds error for their own gain.
For many other use cases it is not. Imagine a smartphone randomly turning itself off. Nobody can possibly debug this.