---- Original message ---- >Date: Mon, 4 Sep 2006 10:26:26 -0400 >From: "Nick Guenther" <[EMAIL PROTECTED]> >Subject: Re: automated source code scanning >To: OpenBSD-Misc <misc@openbsd.org> > >On 9/4/06, Jacob Yocom-Piatt <[EMAIL PROTECTED]> wrote: >> since the openbsd project prides itself on being especially proactive about >> debugging, it would not surprise me to learn that there is automated code >> auditing going on. is this already the case? i didn't see openbsd listed on >> coverity's page, http://scan.coverity.com/ . >> >> further info about software that is already available would be nice, >> especially >> if it's open source. >> >> cheers, >> jake >> > >From what I've seen here before the consensus seems to be that >automated scanning is bad idea, because it can never (or at least, not >for a while yet) match the intelligence of a human, and because making >humans read the code leads to finding other bugs, like logic bugs, >that would never be noticed otherwise. There's lint(1) if you want to >check your C. > >-Nick >
<doh>! i did not realize there is a cvs mailing list.
