vidyuthd / owasp-esapi-java

Automatically exported from code.google.com/p/owasp-esapi-java
0 stars 0 forks source link

CipherTextSerializer.java - Assertions #193

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Need to remove assertions or catch the AssertionErrors that get thrown from the 
numerous assert statements in this class. 

Original issue reported on code.google.com by chris.sc...@owasp.org on 18 Dec 2010 at 5:52

GoogleCodeExporter commented 9 years ago
I disagree with the recommendation that AssertionErrors should be caught as 
well as with the premise that Java assertions should be used (except in certain 
circumstances where a security vulnerability might arise should assertions be 
disabled or no other exception would get thrown if assertions are disabled).

I made recommendation to Chris Schmidt that his client simply disable 
assertions or at least those from the CipherTextSerializer class and explained 
how this might be done. Since I have not heard back from anyone regarding this, 
I am closing this as 'WontFix' as I do not believe it is really a defect and no 
one has responded to my other questions related to this.

Original comment by kevin.w.wall@gmail.com on 31 Dec 2010 at 2:21