[dns-operations] Robert Graham - A Quick Review of the BIND9 Code.

Paul Vixie paul at redbarn.org
Thu Jul 30 17:43:02 UTC 2015



Roland Dobbins wrote:
> <http://blog.erratasec.com/2015/07/a-quick-review-of-bind9-code.html>

he's completely right about the const problems in that code base. const
is in C what constraints are in SQL-- more is better.

he's completely wrong about turning off assertions in production-compiled code, and in his comments about the performance requirements.

i disagree, stylistically, with his recommendation never to use strcpy, especially when the alternative chosen is often strlcpy, which permits undetected truncation. in his example, the compiler should have flagged the size_t to unsigned int conversion coming out of strlen.

does anyone know of a linter or compiler that can detect opportunities
to add 'const'?

-- 
Paul Vixie
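
The truncation point above, shown as an added example; it is not part of the original message or of the BIND9 code. `bounded_copy` is a hypothetical stand-in with strlcpy-style semantics (strlcpy itself is not ISO C), and the host name is a constructed sample.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Hypothetical strlcpy-style helper: copies at most dstsize-1 bytes,
 * always NUL-terminates, and returns strlen(src) so the caller can
 * tell whether the source fit. */
static size_t bounded_copy(char *dst, const char *src, size_t dstsize)
{
    /* Kept as size_t: narrowing to unsigned int is the conversion that
     * gcc/clang report under -Wconversion. */
    size_t srclen = strlen(src);
    if (dstsize != 0) {
        size_t n = srclen < dstsize - 1 ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Caller that ignores the return value: truncation goes unnoticed. */
static void copy_unchecked(char *dst, const char *src, size_t dstsize)
{
    (void)bounded_copy(dst, src, dstsize);
}

/* Caller that checks: 0 on success, -1 if src did not fit. */
static int copy_checked(char *dst, const char *src, size_t dstsize)
{
    if (bounded_copy(dst, src, dstsize) >= dstsize) {
        if (dstsize != 0)
            dst[0] = '\0';  /* do not leave a plausible-looking prefix */
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample: cut at 15 bytes it becomes a different name. */
    const char *name = "ns1.example.com.internal.test";
    char buf[16];

    copy_unchecked(buf, name, sizeof buf);
    printf("unchecked: \"%s\"\n", buf);
    printf("checked:   %d\n", copy_checked(buf, name, sizeof buf));
    return 0;
}
```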


