Security Audit, was Re: [crossfire] Server release?
Mark Wedel
mwedel at sonic.net
Sun Apr 17 15:58:58 CDT 2005
David Delbecq wrote:
> A while ago, I tried to fix this by changing char* manipulation to some
> macros. This made operations like strcat faster because we kept track of
> the length of the buffer, but I dropped it. This was taking me a huge amount of time
> to code and the various changes in the server occurring during that period made a
> lot of conflicts. The good point was 'it was working', the bad point was 'lots
> of prototype changes'. Maybe I should retry but this time work on something
> like committing one clean file per week.

Yes - such a smaller approach may make sense.
It may not be bad just for developers to look at files they have not written
and give them a once-over? Something look really odd? Dangerous? It may just
be a matter of updating comments; in other cases, poor code could be
discovered/fixed.