OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?
Erik Cederstrand
erik+lists at cederstrand.dk
Wed Apr 23 20:28:55 UTC 2014
On 23/04/2014 at 21:14, Charles Swiger <cswiger at mac.com> wrote:
> The most straightforward changes to this snippet would be either:
>
> int foo(int y, int z) {
>     int x;
>     if (y == z) {
>         x = 0;
>     } else {
>         x = 1;
>     }
>     return x;
> }
>
> ...or:
>
> int foo(int y, int z) {
>     int x = 0;
>     if (y != z) {
>         x = 1;
>     }
>     return x;
> }
>
> Not only are both of these shorter and they pass clang's static analyzer without a warning, I'd argue that the second version is noticeably cleaner.
I don't disagree with you, but rewriting 1000 if-else cases in single-threaded userland programs just so the analyzer understands them is 1) tedious and 2) bound to accidentally introduce at least 50 new bugs, since most real-life examples are considerably more complicated than the minimal example I posted.
Erik