[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: Re: [PATCH] Replace int -> uint to avoid signed integer overflow
From: Denys Vlasenko <vda.linux () googlemail ! com>
Date: 2017-02-07 12:09:27
Message-ID: CAK1hOcP_BA90ktY4EX16kQxTK0q5FYU_svdkaqa9e6=ZgcTgfQ () mail ! gmail ! com
[Download RAW message or body]
On Mon, Feb 6, 2017 at 11:59 PM, Rob Landley <rob@landley.net> wrote:
> On 02/06/2017 07:20 AM, Denys Vlasenko wrote:
>> I'm not using their runtime debug thing (I don't even know what it is),
>> if some people would use it and find real bugs, it's good for me.
>
> It's your call what to merge into busybox (and I see you already did), I
> was trying to figure out if I should make an analogous change to toybox
> (since I originally wrote this code and am using it there too).
>
> As far as I can tell the change is just churn: there's no even
> theoretical reproduction sequence for a bug because there's no bug. Just
> tea leaf reading about what future compilers might someday do, but which
> the past several decades of linux and other unixes consistently haven't
> had an issue with (and such a change would break more than just busybox).
>
>> Therefore, I'm willing to help them to not have false positives
>> which make their life harder. Well, unless they want some intrusive
>> and ugly changes. These changes were not.
>
> My attitude towards false positives may have been influenced by people
> running static checkers against toybox and submitting long spreadsheets
> of results, which I've spent hours going through and writing up my
> analysis of each hit
Understandable. I also wouldn't be happy if somebody dumps a ton of
half-cooked analysis "results" on me.
These guys did not do anything like that. They asked to change code
in just a couple of locations so that they get fewer false positives
with some analysis tool.
I decided I can do that for them, even though I don't see these changes
as particularly useful.
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic