On 2015-10-09 11:59 AM, tofumatt wrote:
Hi Ehsan,
That’s been the impression I’ve been getting from asking around. I think
it might be a kind of rabbit hole of a test case, and I’m especially
worried that it could cover 80% of /known/ obfuscation attempts, but
that wouldn’t be much good :-)
Yeah. The way to think about this is that if you're looking for bad
code patterns in an add-on, you want your analysis to be sound. If it's
not, then its usefulness is hugely diminished.
Cheers,
Ehsan
_______________________________________________
dev-static-analysis mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-static-analysis
