[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: RFC: Performing code security audits before releases...
From: Waldo Bastian <bastian () kde ! org>
Date: 2002-02-25 20:38:07
[Download RAW message or body]
On Monday 25 February 2002 11:43 am, Alex Zepeda wrote:
> On Mon, Feb 25, 2002 at 02:10:03AM -0500, Dawit Alemayehu wrote:
> > For starters I generated and attached below a report for the entire
> > kdelibs directory using RATS (http://www.securesw.com/rats/). Perhaps
> > using the lessons we learn from using tools like this we can write a
> > HOWTO article or create methods to avoid the pitfalls.
>
> A quick check (dcopclient.cpp only) revealed lots of false positives, and
> two (ln 1133, 1164). Certainly, QCString.append or the << operator would
> be a bit cleaner here.
Fixed.
Cheers,
Waldo
--
Advanced technology only happens when people take a basic idea and add to it.
-- Bob Bemer
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic