curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: On memory-leaks as security problems

From: Daniel Stenberg via curl-library <>
Date: Fri, 8 Jan 2021 14:32:31 +0100 (CET)

On Fri, 8 Jan 2021, Tomalak Geret'kal via curl-library wrote:

> I don't know how you'd formally define the threshold, but surely there is
> some common sense involved. Frankly I'm happy that you have enough of that
> Daniel to be the judge, and the fact that you've brought this question to us
> bears that out!

Yeah, I don't think we can make a fixed and formal threshold.

I started this thread primarily to get a feel for if my line of reasoning
matches what everyone else thinks. I now think we all mostly agree, even if we
of course ultimately still could end up debating which side of the imaginary
line in the sand a particular bug should end up on.

Thank you everyone for your valuable feedback and thoughts!

  | Commercial curl support up to 24x7 is available!
  | Private help, bug fixes, support, ports, new features
Received on 2021-01-08