On Mar 23, 2010, at 06:48, Mark Kettenis wrote: > Guys, if you ask me, introducing all this additional complecity just > to placate a static analysis tool is starting to get a bit silly. > > How about just putting a comment in the code that the usage of rand() > is not security related at all and therefore perfectly fine?
Yeah, I agree... if someone at some point in time drops rand(), we may need to do this, but for now it really is "close enough" --Jeremy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
