undefined | Better HN

0 pointsnicce9mo ago0 comments

> Not necessarily. 500 might indicate the process died, which might take more resources to startup, have cold cache, whatever. If you spam that repeatedly it could easily take down the site

That is true, but the status code 500 alone does not reveal that; it is speculation. Status codes are not always used correctly. It is typically just indicator to dig deeper. There might be a security issue, but the code itself is not enough.

Maybe this just the same general problem of false positives. Proving something requires more effort and more time and people tend to optimise things.

0 comments

bawolff9mo ago

True, but in the context of the article we are talking about null pointer dereference. That is almost certainly going to cause a segfault and require restarting the process.

j / k navigate · click thread line to collapse

0 pointsnicce9mo ago0 comments

> Not necessarily. 500 might indicate the process died, which might take more resources to startup, have cold cache, whatever. If you spam that repeatedly it could easily take down the site

Maybe this just the same general problem of false positives. Proving something requires more effort and more time and people tend to optimise things.

0 comments

bawolff9mo ago

True, but in the context of the article we are talking about null pointer dereference. That is almost certainly going to cause a segfault and require restarting the process.

j / k navigate · click thread line to collapse