This wasn't supposed to be an insult to anyone; I just found it
interesting.  I suspect most of the stuff it reported is useless
information anyway.  

-- Dan Weber

On Sun, May 16, 2004 at 02:32:14PM +0200, Ilja Booij wrote:
> I like the use of certain utilities to find possible flaws in a program. 
> splint (www.splint.org) has helped me find some possible bugs in DBMail 
> and other projects. Valgrind is very useful for run-time checking, 
> etc. Still, using your brain cells is the best way of preventing and 
> detecting bugs.
> 
> Posting the output from a program like flawfinder isn't helpful in any 
> way. Using flawfinder to find a possible bug, fixing the bug, posting 
> the patch, and explaining why this patch fixes something is helpful.
> 
> Ilja
> 
> 
> 
> Chris Nolan wrote:
> 
> >Agreed!
> >
> >As a C programmer, I know that there are many functions that are part of 
> >the standard library that are problematic. That's why good C programmers 
> >are sought after, as being good means that you know about these problems 
> >and deal with them as part of your craft.
> >
> >Additionally, for future reference, we already have excellent tools for 
> >doing static analysis on code. My uni actually requires all students to 
> >have their code pass a specific instantiation script for gcc with no 
> >output on stderr before submission on all coding assignments (the error 
> >checking arguments it turns on are really sadistic) and lint usage is 
> >advocated heavily.
> >
> >Thing is, I don't need to tell the DBMail crew this. If they can figure 
> >out the cause of the md5() problems they were having a while ago (which 
> >they did), they can certainly debug their own code!
> >
> >Best regards,
> >
> >Chris
> >
> >Aaron Stone wrote:
> >
> >>This is simply obnoxious. Please be so kind as to begin posting useful reports
> >>and well thought out patches or remove yourself from this mailing list.
> >>
> >>Those coding have made their best efforts at avoiding common problems, buffer
> >>overflows, etc. Simply listing all of the occurrences of functions known to be
> >>problematic does not help anyone. We all have grep, and we use it.
> >>
> >>If you were to take the time to read through the code associated with these
> >>"problem" reports, it would be immensely appreciated. By merely posting the
> >>results and expecting that we're going to jump up and down and start auditing
> >>everything, you demonstrate the worst of all development attitudes possible.
> >>
> >>Aaron
> >>
> >>
> >>Dan Weber <[EMAIL PROTECTED]> said:
> >> 
> >>
> >>>I found a new little programmer called flawfinder.  Here is a report
> >>>from dbmail-2.0.
> >>>
> >>>  
> >>
> >>
> >>[load of obnoxious encoded bullshit snipped]
> >>
> >
> >_______________________________________________
> >Dbmail-dev mailing list
> >Dbmail-dev@dbmail.org
> >http://twister.fastxs.net/mailman/listinfo/dbmail-dev
