|
|
|
|
|
|
by DanBC
4655 days ago
|
|
|
> wouldn't have any semi-capable static analysis tool caught this? Using tools to find "errors" can be problematic. see, for example, the Debian random number bug. (https://www.schneier.com/blog/archives/2008/05/random_number...) > These lines were removed because they caused the Valgrind and Purify tools to produce warnings about the use of uninitialized data in any code that was linked to OpenSSL. |
|
|