[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [Libevent-users] [patch] integer recommendations

To: libevent-users@xxxxxxxxxxxxx
Subject: Re: [Libevent-users] [patch] integer recommendations
From: Nick Mathewson <nickm@xxxxxxxxxxxxx>
Date: Mon, 23 Apr 2012 12:37:17 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: libevent-users-outgoing@xxxxxxxx
Delivered-to: libevent-users@xxxxxxxx
Delivery-date: Mon, 23 Apr 2012 12:37:27 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=hdtCPi6iT6FX4RI3qTIQRWgkRYuVgbDY7UnPDAYCq3E=; b=fv5jzuuyUZAPJtAZ3u4r9YtdGVIlyPr1q7OhU4pNTERvkJjXNV/wuelwsteLObBj+o m+kt85tKApIDCfDo4xP8IJpsdsTTFd6Tq5fYnNkzk0aHliSglgXJi4owxDXD2YAJMgoJ q0tgwmwaRU+ztGIVNd5vuBrRq2k4YT8FGwet4cE1yvgsZt9Sy2CJ7Q6ZO6jfFHjlAeJ3 kOIg/fwUGrjsd5fkr15oOGmHuW9WIZcbLEHUYb7YLnhf8wXF40hxu/xelfiuyL0x3z6f qErKMiU90oSOxZHfbJCIpKF1b4FK1mR32oZFnrHKPwpayhs2/oV43jbqGpJXimogX5Hy LMxA==
In-reply-to: <A783DA56-F649-45EF-9B75-2F0A92583828@xxxxxxxxx>
References: <A783DA56-F649-45EF-9B75-2F0A92583828@xxxxxxxxx>
Reply-to: libevent-users@xxxxxxxxxxxxx
Sender: owner-libevent-users@xxxxxxxxxxxxx

On Mon, Apr 23, 2012 at 9:04 AM, Mansour Moufid <mansourmoufid@xxxxxxxxx> wrote:
> Hi,
>
> Here's a patch to adhere to a few of the integer-related recommendations in the CERT C Secure Coding Standard. I tried not to break anything but you may want to double-check.

Partial NAK.  2.0.x is a stable release series.  It is supposed to
gets bugfix patches only.  I am not applying a 1394-line set of 40
"let's suppress the warning" patches to a stable release, without an
actual bug to fix.

What tool did you use to generate these warnings?  Some of its
recommendations are outlandish.  For example, any tool that says that
you can't use an int index to iterate over the elements of a static
array of < 20 structs is on a serious pedantic kick, as is any tool
that claims we need to index over argv with an size_t.

It also looks like you didn't try building this with
"--enable-gcc-warnings" configure option, which actually *does* catch
compatibility issues.  (For example, patch 9 will break c89 compilers,
of which sadly there still are some.)

Also, what Mark said.  :)

yrs,
-- 
Nick
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxx with
unsubscribe libevent-users    in the body.

Follow-Ups:
- Re: [Libevent-users] [patch] integer recommendations
  - From: Mansour Moufid

References:
- [Libevent-users] [patch] integer recommendations
  - From: Mansour Moufid

Prev by Author: Re: [Libevent-users] Request for input on pending bufferevent_openssl patch.
Next by Author: Re: [Libevent-users] Unable to compile libevent 2.0.18
Previous by thread: Re: [Libevent-users] [patch] integer recommendations
Next by thread: Re: [Libevent-users] [patch] integer recommendations
Index(es):
- Author
- Thread