User: Password:
|
|
Subscribe / Log in / New account

Comments missing

Comments missing

Posted May 15, 2008 7:47 UTC (Thu) by rvfh (subscriber, #31018)
Parent article: Debian vulnerability has widespread effects

Not commenting code is usually bad, but not commenting code that uses a 'clever trick' seems
to me as recipe for disaster. And that's exactly what happened here.


(Log in to post comments)

Comments missing

Posted May 15, 2008 10:41 UTC (Thu) by erich (guest, #7127) [Link]

actually it was a different instance of the line - and that line actually is a pretty
straightforward use of the Message Digest API - where the harm occurred.
The place where "likely uninitialized data" was used can be removed safely.

Still I have to agree with you that the code should have been better documented.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds