...
In particular, assertions are generally unsuitable for server programs or embedded systems in deployment. A failed assertion can lead to a denial-of-service attack if triggered by a malicious user, such as size being, in some way, derived from client input. In such situations, a soft failure mode, such as writing to a log file and rejecting the request, is more appropriate.
...