Source-Changes-D archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: CVS commit: src/sys/net

On Sun, May 17, 2009 at 05:40:44PM +0300, Elad Efrat wrote:
> > 3.  When (publicly, even) told about an obvious bug, you still go
> >    ahead and commit it.
> False, the bug you're referring to wasn't the one that was fixed, see
> the commit diff:

Yes, it's much different;  instead of dereferencing crap because of an
invalid value of ifd_cmd, you were dereferencing NULL beacause of an
invalid value of ifd_cmd.

What's really worse, though, is that gcc *told* you about bc being used
uninitialised, which I guess is why you added the XXXGCC comment at the
initialisation of bc.

So, really, Elad, reconsider the way you do security development.

Quentin Garnier - -
"See the look on my face from staying too long in one place
[...] every time the morning breaks I know I'm closer to falling"
KT Tunstall, Saving My Face, Drastic Fantastic, 2007.

Attachment: pgpxY3f49qPvt.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index