Date: Fri, 25 Apr 2014 13:47:33 -0700
From: "Ronald F. Guilmette" <rfg@tristatelogic.com>
To: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>
Subject: Re: OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?
Message-ID: <32215.1398458853@server1.tristatelogic.com>
In-Reply-To: <20140424000744.GE15884@in-addr.com>
In message <20140424000744.GE15884@in-addr.com>, Gary Palmer <gpalmer@freebsd.org> wrote:

>Compiler warnings and static code analysis are a small part of a secure
>programming mentality/methodology, and in and of themselves are fairly
>useless. I doubt either would have caught Heartbleed.

I just wanted to say that although I'm quite obviously a proponent of making full use of any and every tool that can generate, at compile time, errors or warnings which may prove useful for improving the quality of code, and while I thus would take issue with Gary Palmer's characterization of such tools as "useless", I do have to concede that he's right that it is either highly unlikely or perhaps even outright impossible that any such tools could have properly diagnosed the specific flaw that led to Heartbleed.

Having looked into Heartbleed a little myself... but not too deeply... I would say that the only thing that might possibly have prevented Heartbleed from arising would have been if the entire code base of OpenSSL had been engineered from the beginning to be rather entirely more object oriented than it is. However, even that might well not have prevented this specific bug. (And please note that selecting C as the implementation language most certainly _does not_ preclude object orientation in the code.)

Regards,
rfg
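The point about object orientation in C is easier to see in code than in the abstract. The following is an added illustration, not code from this e-mail thread and not OpenSSL's own code. It is modelled on the shape of the Heartbleed flaw (CVE-2014-0160): the heartbeat handler read a payload length out of the received message and copied that many bytes back to the peer without comparing it to the number of bytes actually received, so a short message with a large length field echoed adjacent heap memory. The message layout, the "hello" payload, the SECRET bytes standing in for neighbouring heap data, and the single arena that holds both are all constructed here so the over-read stays inside one allocation and the program is deterministic. The "object" in the hardened version is a bounded `span` whose slicing operation refuses to hand out bytes beyond what was received; a handler written only against that interface cannot make the original mistake.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A bounded view over bytes: the one "object" the hardened handler is allowed
 * to touch. Every sub-range must be obtained through span_slice(). */
typedef struct { const uint8_t *p; size_t len; } span;

/* Returns 1 and fills *out if [off, off+n) lies inside `in`; 0 otherwise. */
static int span_slice(span in, size_t off, size_t n, span *out) {
    if (off > in.len || n > in.len - off) return 0;
    out->p = in.p + off;
    out->len = n;
    return 1;
}

/* Constructed message layout, modelled on a TLS heartbeat record:
 *   byte 0     : type (1 = request)
 *   bytes 1..2 : payload_length, big-endian
 *   bytes 3..  : payload, then padding                                      */
enum { HB_HDR = 3, PAYLOAD_LEN = 5, REC_LEN = HB_HDR + PAYLOAD_LEN };

/* Constructed stand-in for whatever happened to sit next to the record on
 * the heap (keys, cookies, other clients' plaintext). */
static const uint8_t SECRET[] = "SECRET-KEY-MATERIAL";
#define SECRET_LEN (sizeof SECRET - 1)

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Builds one allocation: [record][SECRET]. `claimed` is the value the sender
 * wrote in the length field. Returns the number of bytes placed in the arena. */
size_t build_arena(uint8_t *arena, size_t cap, uint16_t claimed) {
    size_t need = REC_LEN + sizeof SECRET;
    if (cap < need) return 0;
    memset(arena, 0, cap);
    arena[0] = 1;
    arena[1] = (uint8_t)(claimed >> 8);
    arena[2] = (uint8_t)(claimed & 0xff);
    memcpy(arena + HB_HDR, "hello", PAYLOAD_LEN);
    memcpy(arena + REC_LEN, SECRET, sizeof SECRET);
    return need;
}

/* Vulnerable handler: trusts the length field and never looks at rec_len.
 * With claimed > PAYLOAD_LEN the memcpy reads past the record into SECRET. */
size_t echo_vulnerable(const uint8_t *rec, size_t rec_len,
                       uint8_t *out, size_t out_cap) {
    (void)rec_len;                    /* the bug: received length is ignored */
    uint16_t claimed = rd16(rec + 1);
    if (claimed > out_cap) return 0;
    memcpy(out, rec + HB_HDR, claimed);
    return claimed;
}

/* Hardened handler: the record is a span; the payload is a slice of it, and
 * the slice fails if the claimed length does not fit in what was received. */
size_t echo_hardened(span rec, uint8_t *out, size_t out_cap) {
    if (rec.len < HB_HDR) return 0;
    uint16_t claimed = rd16(rec.p + 1);
    span payload;
    if (!span_slice(rec, HB_HDR, claimed, &payload)) return 0;  /* discard */
    if (payload.len > out_cap) return 0;
    memcpy(out, payload.p, payload.len);
    return payload.len;
}

/* 1 if SECRET appears anywhere in out[0..n), else 0. */
int leaked(const uint8_t *out, size_t n) {
    for (size_t i = 0; n >= SECRET_LEN && i + SECRET_LEN <= n; i++)
        if (memcmp(out + i, SECRET, SECRET_LEN) == 0) return 1;
    return 0;
}

int main(void) {
    uint8_t arena[128], out[128];
    build_arena(arena, sizeof arena, 40);          /* 5 real bytes, claims 40 */
    size_t n = echo_vulnerable(arena, REC_LEN, out, sizeof out);
    printf("vulnerable: echoed %zu bytes, secret leaked = %d\n", n, leaked(out, n));
    span rec = { arena, REC_LEN };
    n = echo_hardened(rec, out, sizeof out);
    printf("hardened:   echoed %zu bytes (0 = request discarded)\n", n);
    return 0;
}
```

The hardened version does what the eventual OpenSSL fix did in spirit, comparing the claimed length against the record actually received, but it does so inside the `span` type rather than as a one-off check in the handler, which is the difference between patching one bug and making the class of bug hard to write. Note that nothing in the vulnerable version is ill-typed or uninitialised, which is why a compiler warning or a generic static analyser has little to say about it: the relationship between the length field and `rec_len` is application semantics the tool does not know.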
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?32215.1398458853>