Agreed!
As a C programmer, I know that there are many functions that are part of
the standard library that are problematic. That's why good C programmers
are sought after, as being good means that you know about these problems
and deal with them as part of your craft.
Additionally, for future reference, we already have excellent tools for
doing static analysis on code. My uni actually requires all students to
have their code pass a specific instantiation script for gcc with no
output on stderr before submission on all coding assignments (the error
checking arguments it turns on are really sadistic) and lint usage is
advocated heavily.
Thing is, I don't need to tell the DBMail crew this. If they can figure
out the cause of the md5() problems they were having a while ago (which
they did), they can certainly debug their own code!
Best regards,
Chris
Aaron Stone wrote:
This is simply obnoxious. Please be so kind as to begin posting useful reports
and well thought out patches or remove yourself from this mailing list.
Those coding have made their best efforts at avoiding common problems, buffer
overflows, etc. Simply listing all of the occurrences of functions known to be
problematic does not help anyone. We all have grep, and we use it.
If you were to take the time to read through the code associated with these
"problem" reports, it would be immensely appreciated. By merely posting the
results and expecting that we're going to jump up and down and start auditing
everything, you demonstrate the worst of all development attitudes possible.
Aaron
Dan Weber <[EMAIL PROTECTED]> said:
I found a new little programmer called flawfinder. Here is a report
from dbmail-2.0.
-- Dan Weber
[load of obnoxious encoded bullshit snipped]
--
_______________________________________________
Dbmail-dev mailing list
Dbmail-dev@dbmail.org
http://twister.fastxs.net/mailman/listinfo/dbmail-dev