[e-lang] A broken brand?

David Wagner daw at cs.berkeley.edu
Sun Mar 2 15:40:20 EST 2008


Tyler Close writes:
>If I understand this methodology correctly, then wouldn't it still
>flag this code as suspicious even after your proposed fix is applied?

Yup.  It may be useful as a heuristic for identifying places in the
code that would benefit from careful thought, but it's not going to
give us a proof or disproof of security/correctness.


More information about the e-lang mailing list