Re: mass bug filing for undefined sn?printf use
On Friday 02 January 2009 05:04:08 Russ Allbery wrote:
> "Paul Wise" <pabs@debian.org> writes:
> > On Fri, Jan 2, 2009 at 3:50 AM, Kees Cook <kees@outflux.net> wrote:
> >> Oh! Good catch, thank you. I've started a re-run with the regex
> >> changed. So far, it's already caught new stuff. I'll post updated
> >> details once it has finished.
> >
> > Could this test be added to lintian?
>
> The thread so far seems to indicate the false positive rate isn't great.
> People usually find Lintian checks with a lot of false positives rather
> annoying. It can be worth it if the problem is sufficiently severe, but
> it always makes me nervous to add.
FYI: such a check will be added to cppcheck too.
--
pub 4096R/0E4BD0AB 2003-03-18 <people.fccf.net/danchev/key pgp.mit.edu>
Reply to: