[Zlib-devel] To ASM or not to ASM?
Mark Adler
madler at alumni.caltech.edu
Sat Oct 4 19:51:18 EDT 2003
On Saturday, October 4, 2003, at 04:34 PM, Cosmin Truta wrote:

> All right, but the CERT advisory was issued because someone reported a
> crash in a PNG-processing application (wasn't it?) Why wasn't the crash
> (and the advisory) issued a few years earlier?

The bug was reported a few more times in the intervening three years.
But your point is of course correct--that it is notoriously difficult
to prove that a program is correct.

> To answer this question, one has to consider the total number of
> times that all the users in this world decompressed deflate streams.

This particular bug was only manifested for invalid zlib streams.
Since the vast majority of zlib streams are valid, that made
instantiations of the bug all the more rare. Which expands on your
point, i.e. that testing needs to include invalid as well as valid
inputs in order to exercise all of the lines of code.

> If we are determined to do this, we can start by writing a suite of
> deflate streams that satisfy a coverage test. The gcc/gcov pair can be
> really helpful here.

This has been on my to-do list.

mark
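
The kind of test suite discussed in this message, sketched as an added example that is not part of the original post and is not zlib's own test code: one valid stream plus constructed streams that are each invalid in exactly one way, run through Python's `zlib` binding so that each one drives a different error branch of inflate. The case names and byte strings are constructed for illustration.

```python
import zlib

ZHDR = b"\x78\x9c"  # valid zlib header: deflate, 32K window, check bits OK

def build_cases() -> dict:
    """Constructed corpus: one valid stream plus streams invalid in one way each."""
    good = zlib.compress(b"zlib negative-test corpus " * 8)
    return {
        "valid": good,
        # FLG bit flipped so (CMF*256 + FLG) % 31 != 0
        "bad_header_check": good[:1] + bytes([good[1] ^ 0x01]) + good[2:],
        # BFINAL=1, BTYPE=3 (reserved block type)
        "reserved_block_type": ZHDR + b"\x07",
        # stored block: LEN=5 but NLEN is not its one's complement
        "stored_len_mismatch": ZHDR + b"\x01\x05\x00\x00\x00hello",
        # fixed-Huffman block whose first symbol is a match (length 3,
        # distance 1) although no output exists yet to copy from
        "distance_too_far_back": ZHDR + b"\x03\x02",
        # last byte of the Adler-32 trailer corrupted
        "bad_adler32": good[:-1] + bytes([good[-1] ^ 0xFF]),
        # last five bytes removed (trailer plus one byte of deflate data)
        "truncated": good[:-5],
    }

def run_corpus() -> dict:
    """Return {case: None if accepted, else the zlib error text}."""
    results = {}
    for name, stream in build_cases().items():
        try:
            zlib.decompress(stream)
            results[name] = None
        except zlib.error as exc:
            results[name] = str(exc)
    return results

if __name__ == "__main__":
    for name, err in run_corpus().items():
        print(f"{name:24} {'accepted' if err is None else 'rejected: ' + err}")
```

Written out as files, the same streams can be fed to a gcov-instrumented build of zlib to see which error branches of inflate the corpus still misses.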