Comment by mattparlane
12 years ago
What worries me about this is that the commit that fixes it [0] doesn't include any tests. Is that normal in crypto? If I committed a fix to a show-stopper bug without any tests at my day job I'd feel very amateur.
[0] http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=...
Sometimes things are time-critical.....
Ah, the old middle-management excuse: "We don't have time to write tests!"
When half the secure internet is on fire... yeah, i think that's an acceptable time.
1 reply →