OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?
Chad Perrin
code at apotheon.net
Fri Apr 25 17:51:11 UTC 2014
On Fri, Apr 25, 2014 at 07:14:25PM +0200, Dag-Erling Smørgrav wrote:
> Ben Laurie <benl at freebsd.org> writes:
> > Dag-Erling Smørgrav <des at des.no> writes:
> > > https://en.wikipedia.org/wiki/Halting_problem
> > Curious what the halting problem can tell us about finding/fixing bugs?
>
> Some participants in this thread claim that there is no such thing as a
> false positive from a static analyzer. A corollary of the halting
> problem is that it is impossible to write a program capable to proving
> or disproving the correctness of all programs. Hence, static analysis
> must perforce produce both false positive and false negative results.
> The purpose of static analysis in a compiler is to identify possible
> optimizations; therefore it must be conservative, because a false
> negative may result in incorrect code; therefore it will produce many
> false positives.
While I'm letting myself get embroiled in this, I have a question:
Do you claim that the Clang static analyzer is essentially worthless for
finding and fixing security-related bugs because it is more trouble to
make use of its output than its output is worth, or does it only *seem*
like that is your claim?
--
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
More information about the freebsd-security
mailing list