[dns-operations] Robert Graham - A Quick Review of the BIND9 Code.

Jim Popovitch jimpop at gmail.com
Thu Jul 30 18:04:08 UTC 2015


On Thu, Jul 30, 2015 at 1:56 PM, Jim Popovitch <jimpop at gmail.com> wrote:
> On Thu, Jul 30, 2015 at 1:55 PM, Jim Popovitch <jimpop at gmail.com> wrote:
>> On Thu, Jul 30, 2015 at 1:43 PM, Paul Vixie <paul at redbarn.org> wrote:
>>>
>>>
>>> Roland Dobbins wrote:
>>>> <http://blog.erratasec.com/2015/07/a-quick-review-of-bind9-code.html>
>>>
>>> he's completely right about the const problems in that code base. const
>>> is in C what constraints are in SQL-- more is better.
>>>
>>> he's completely wrong about turning off assertions in production-compiled code, and in his comments about the performance requirements.
>>>
>>> i disagree, stylistically, with his recommendation never to use strcpy, especially when the alternative chosen is often strlcpy, which permits undetected truncation. in his example, the compiler should have flagged the size_t to unsigned int conversion coming out of strlen.
>>>
>>> does anyone know of a linter or compiler that can detect opportunities
>>> to add 'const'?
>>
>> IIRC, gcc -O2 level optimization will auto add consts if it detects constants.
>>
>
> Look here:  https://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html
> search for "-fipa-cp"
>

BTW, while I do respect @ErrataRob, the important takeaway from this
is that just looking at code is not a 100% clear picture.  You have to
know the compile options & optimizations, the linking
options & optimizations, build environments, and even deployment
scenarios.

-Jim P.
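
Added example, not part of the original message and not BIND9 code: the undetected-truncation concern raised in the quoted text about strlcpy, together with the size_t to unsigned int narrowing it mentions. The helper names (`bounded_copy`, `copy_checked`, `len_as_uint`) and the sample hostname are hypothetical; `bounded_copy` is a local stand-in with strlcpy-style semantics because strlcpy is not present in every libc.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in with strlcpy-style semantics: copies at most
 * dstsize-1 bytes, always NUL-terminates when dstsize > 0, and returns
 * strlen(src) so the caller can tell whether the copy was cut short. */
static size_t bounded_copy(char *dst, const char *src, size_t dstsize)
{
    size_t srclen = strlen(src);
    if (dstsize != 0) {
        size_t n = srclen < dstsize - 1 ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Checked wrapper: 0 if src fit completely, -1 if it was truncated.
 * Truncation is only "undetected" when this comparison is skipped. */
static int copy_checked(char *dst, const char *src, size_t dstsize)
{
    return bounded_copy(dst, src, dstsize) >= dstsize ? -1 : 0;
}

/* Explicit narrowing of a strlen() result: refuses lengths that do not
 * fit in unsigned int instead of silently dropping the high bits. */
static int len_as_uint(size_t len, unsigned int *out)
{
    if (len > UINT_MAX)
        return -1;
    *out = (unsigned int)len;
    return 0;
}

int main(void)
{
    char label[8];
    const char *name = "ns1.example.test";  /* constructed sample input */

    bounded_copy(label, name, sizeof label); /* return value ignored */
    printf("unchecked copy stored \"%s\" with no error\n", label);

    if (copy_checked(label, name, sizeof label) != 0)
        printf("checked copy reported truncation of \"%s\"\n", name);
    return 0;
}
```

With GCC or Clang, `-Wconversion` reports an implicit size_t to unsigned int assignment at compile time; `len_as_uint` is the run-time counterpart.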