Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] New packet list - out of memory?

From: "Bryant Eastham" <beastham@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 8 Oct 2009 17:29:48 -0600
Gerald Combs wrote:

> We could add a preference item which lets the user disable SE
canaries.
> Maybe a slider with "fast" on one end and "safe" on the other, just to
> let them know what they're getting into. :)

Not knowing the extent of the ":)" above, it is worth pointing out that
users are not programmers. They do not understand the difference between
"fast" and "safe", and expect that all software they run is both fast
and safe simultaneously. Further, any hint at all that software is not
"safe" or has a user preference to make it less "safe" is bad IMHO.

In my view, validating the correctness of a program (to the extent
possible) is not the responsibility of the user. They should not be
penalized (performance, memory usage) because of a programmer's lack of
skill (in validating his own work before release).

By all means, leave this kind of check as a compile option. Just like
other recommendations for validation (like fuzz testing), indicate that
programmers (of Wireshark proper and plugins) validate using a version
with canaries.

Sorry if I am way off base on this... Just my $.002.

-Bryant