Not to throw shade, just wishing that somebody here can understand. Whenever an input is reasonably long, an analyzing function will crash, and this PR aims to fix that with a mechanism that contradicts the maintainer’s understanding while a similar C implementation does not need this fix. Clearly, the maintainer has not heard a certain programming mantra…
Incidentally, this kind of passive-aggressive pressure is the kind of thing that might be considered a legitimate security threat, post xz. If you need to vent, vent in private. If “it works for you” but the maintainer is asking legitimate questions about the implementation, consider engaging with that in good faith and evaluating their questions with an open mind.
Incidentally, this kind of passive-aggressive pressure is the kind of thing that might be considered a legitimate security threat, post xz.
Yes, OP’s attempt to bully a maintainer into accepting his PR is a very shitty thing to do.
Throwing veiled personal attacks, such as insinuating a developer is incompetent or dumb, is also very bad form.
This says more about OP than anything. I hope I never have to work with anyone like that. What a shit show of a person.
What mantra? I think this maintainer is doing the right thing here by trying to understand why this fix works.
You should always attempt to address the root cause of an issue instead of slapping band aid patches onto everything.
To me it looks like the maintainer is trying to find out what exactly is wrong. “this doesn’t happen in our C implementation” implies that there’s something wrong with the rust code specifically.
A “mantra” more programmers should have is to fix the cause of the issue, and not just the symptoms. You have to understand what the problem is to be able to fix it.
while a similar C implementation does not need this fix
No, that implementation also needs the fix. It’s just that it was never properly tested, so they thought it was working correctly.
They tested the same strings on that implementation., though judging by the recent comments someone’s found something.
They tested the same strings on that implementation
The strings were the same, but not the implementation. They were testing the decoding of the strings, but the C function they were looking at was the one for encoding them. The decoding function was correct but what it read didn’t match the encoding one.
though judging by the recent comments someone’s found something.
Yeah, that’s me :)
Which mantra is that? The ellipsis doesn’t offer a clue.
Looks to me like a reasonable conversation is happening trying to find the underlying issue. Where is the PR being held up?
Since I posted it, the conversation has moved forward. Before that it was just two people being justifiably confused.
You must understand that maintainers need to worry about supply chain attacks ever since the xz debacle. So I suggest you wait.
Thanks. All I wanted was to have someone answer with what’s actually going on, and thanks to Giooschi below that has happened, and there indeed isn’t anything to do at this point. I’ve tried to edit the post but couldn’t find a proper wording.
OP is welcome to use a patched version in their repo and stop harassing maintainers
