Re: [Debian-audit] Automated download + audit of source packages

From: Javier Fernández-Sanguino Peña <jfs_at_debian.org>
Date: Tue, 29 Jun 2004 11:35:59 +0200

On Tue, Jun 29, 2004 at 09:36:29AM +0100, Steve Kemp wrote:
>
> Definitely agreed. It's always the case that you have to read back
> over the code that has been identified by these tools to see what's
> going on.

Yes, I agree with this too. I have run these tools and even if it finds
some common programming errors it's still necessary to determine if they
are exploitable (if at all).

> I think the point was more to see suspicious things rather than
> anything else.

Yes, that's my point. It can be used as a "measure" to determine where
effort should be placed first. The mistakes detected by these tools are
usually easy to fix, overall improving the program security. Look at how
OpenBSD has sidestepped some vulnerabilities in other BSD or GNU
implementations simply by modifying sprintf statements to snprintf.

Regards

Javier
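The sprintf-to-snprintf change mentioned above, as an added example (not code from this thread or from OpenBSD): the pattern an audit tool flags beside the hardened form, including the truncation check that a purely mechanical replacement leaves out. The function names, the greeting format and the 16-byte buffer are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 16   /* constructed: a small fixed-size destination */

/* "Before": the form a grep-style audit tool reports. sprintf has no
 * knowledge of dst's size, so a name longer than the buffer allows
 * writes past its end. Kept only to show what the tool is matching on. */
void greet_unsafe(char *dst, const char *name)
{
    sprintf(dst, "Hello, %s!", name);
}

/* "After": snprintf bounds the write, but its return value is the
 * length the complete string WOULD have had. If that is >= dst_len the
 * output was silently truncated, which is frequently a new bug (a cut
 * path, filename or command). Returns 0 on success, -1 on truncation
 * or encoding error so the caller can react instead of carrying on. */
int greet_safe(char *dst, size_t dst_len, const char *name)
{
    int n = snprintf(dst, dst_len, "Hello, %s!", name);
    if (n < 0 || (size_t)n >= dst_len) {
        return -1;
    }
    return 0;
}

int main(void)
{
    char buf[BUF_LEN];

    /* fits: "Hello, Bob!" is 11 characters plus the terminator */
    if (greet_safe(buf, sizeof buf, "Bob") == 0)
        printf("ok: %s\n", buf);

    /* does not fit: the full string would be 19 characters */
    if (greet_safe(buf, sizeof buf, "Bartholomew") != 0)
        printf("truncated, buffer holds: \"%s\"\n", buf);

    return 0;
}
```

This is exactly the review step the thread describes: the tool points at sprintf, the swap to snprintf removes the overflow, and a human still has to decide what the program should do when the output no longer fits.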

Received on Tue Jun 29 2004 - 10:36:04 BST