Date:      Fri, 25 Apr 2014 13:24:44 -0700
From:      "Ronald F. Guilmette" <rfg@tristatelogic.com>
To:        "freebsd-security\@freebsd.org security" <freebsd-security@freebsd.org>
Subject:   Re: OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?
Message-ID:  <32060.1398457484@server1.tristatelogic.com>
In-Reply-To: <86zjj9mivi.fsf@nine.des.no>


In message <86zjj9mivi.fsf@nine.des.no>, 
Dag-Erling Smørgrav <des@des.no> wrote:

>Ben Laurie <benl@freebsd.org> writes:
>> Dag-Erling Smørgrav <des@des.no> writes:
>> > https://en.wikipedia.org/wiki/Halting_problem
>> Curious what the halting problem can tell us about finding/fixing bugs?
>
>Some participants in this thread claim that there is no such thing as a
>false positive from a static analyzer.

I suppose that you might possibly be referring to me.  Assuming so, I
would respond as follows...

Sir, I believe that you may have misconstrued my comments.  I should
probably go back now and look at exactly what I may have said, and try
to find how that could have been interpreted in this way, however I do
know that I did attempt to make the point that (for example) a warning
saying that there is no return statement at the end of a function when
in fact there is no return statement at the end of said function is not
in any sense a "false positive".  I still stand by that assertion, which
I believe is self-evident.

Separately, a code example of the following general form was discussed:

	if (condition) variable = value1;
	if (!condition) variable = value2;
	use (variable);

It was noted that code of this form can generate a "false positive"
warning, from some or many code analyzers, to the effect that "variable"
may be used while in an "uninitialized" state.  I agree entirely that,
given code of the above form, the variable will never in fact be used
while in an uninitialized state, and that thus, any such warning is
rather unambiguously "false".  I don't believe that I suggested
otherwise.  I did however note that the warning in such cases may be
trivially quieted by the addition of an (unconditional) initialization
of "variable" somewhere prior to the code in question.  I did that in
response to an assertion that eliminating such a warning might be in
some sense "too hard", even though the party or parties to which such
an assertion might apply was not specified.

>A corollary of the halting problem...

Although this interesting digression may have something to do with either
comments that were made, by someone, or to your interpretation of comments
that may have been made, by either me or someone else, I am not persuaded
that it has anything at all to do with the two specific (and self-evident?)
points that I made earlier, and that I have just reiterated again above.


Regards,
rfg
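The two-if pattern discussed in the message above, beside the unconditionally initialized version that quiets the analyzer, as an added C example (not code from the original mail, from OpenSSL, or from any analyzer); the function names and the agreement check are constructed here.

```c
#include <stdio.h>

/* The shape from the thread: two separate ifs with complementary
 * conditions. Every path does assign "variable", but an analyzer that
 * tracks each if on its own may still report "may be used uninitialized",
 * which for this exact form is a false positive. */
int pick_as_discussed(int condition)
{
    int variable;
    if (condition) variable = 1;
    if (!condition) variable = 2;
    return variable;              /* use(variable) */
}

/* The fix mentioned in the mail: one unconditional initialization before
 * the conditional assignments. Behaviour on every path is unchanged, the
 * warning has nothing left to report, and a later edit that stops the two
 * conditions being exact complements can no longer read an indeterminate
 * value. */
int pick_initialized(int condition)
{
    int variable = 0;             /* unconditional initialization */
    if (condition) variable = 1;
    if (!condition) variable = 2;
    return variable;
}

/* Constructed check: both versions agree for a handful of inputs,
 * returning 1 when they do and 0 otherwise. */
int versions_agree(void)
{
    int inputs[] = { 0, 1, -7, 42 };
    size_t n = sizeof inputs / sizeof inputs[0];
    for (size_t i = 0; i < n; i++)
        if (pick_as_discussed(inputs[i]) != pick_initialized(inputs[i]))
            return 0;
    return 1;
}

int main(void)
{
    printf("versions agree: %d\n", versions_agree());
    return 0;
}
```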