CERT C Secure Coding Standard - last call for reviewers

Kenny McCormack

Ignore "Chuck". He's considered to be a bit of a joke here. He is wrong
more often than he is right and his group policing and net nannying make him
look like the hypocrite and the fool he is when you consider the fact
that he is STILL posting with a double signature.

You are better off killfiling him and being done with it.

Ahem. *WE* don't killfile people. In fact, nobody really killfiles
anybody (other than obvious spammers). My basic rule is: If you are
thinking about responding to someone, you're not killfiling them.

Clique members *claim* to have us all (i.e., "us" = the sensible people)
killfiled, but we know they are lying. Given that a lot of them are
(religious) nutters as well, the habit of claiming things that they know
aren't so comes naturally to them.
 
Brian Inglis

I could find no way to download a draft.

As it's a wiki, I don't expect any comments posted in NGs will be read.
You could use wget -np ... to download the pages, or get a possibly
earlier revision of the complete document (2MB) from
http://www.open-std.org/JTC1/SC22/WG14/www/docs/n1255.pdf.

The web pages seem to be an advert for his book.
The content reminds me too much of Schildt.
Started out as best practices before being pushed as a "standard", with
associated discussions, training, and tools available.
Says it provides rules and recommendations: seems like other coding
guidelines or suggestions of things to avoid; may be a useful checklist
to supplement other approaches.
 
Nick Keighley

If you were really interested, you would read comp.compilers.lcc.

no, not really.

In the past Jacob Navia has stated that he will not fix
bugs that are reported by people who do not have a maintenance
contract.

I think this is a bad idea.

He seems to have changed that policy.

I think that is a good idea.

For example, here's a "bug report", reaction to which so surprised
poor Keith: http://groups.google.com/group/comp.compilers.lcc/browse_thread/threa...
Read the program text in the "bug report" and then talk
about attitudes (do read it, all of it, and understand
what it's doing, and try to guess why it was written).

we were saying JN had a *good* attitude in
this instance.

In the same newsgroup you can see Jacob's reaction to real
bug reports too. You guys are jerks, you won't understand
that some people don't feel like being polite robots when
they get insulted or humiliated (it's funny to see how old wise
Keith acts like a child in such a situation, and yet talks
about "attitude" and shit). Temper, temper, huh?

JN seems to treat any comment about what he says as
a personal attack.
 
Keith Thompson

Nick Keighley said:
In the past Jacob Navia has stated that he will not fix
bugs that are reported by people who do not have a maintenance
contract.

I think this is a bad idea.

He seems to have changed that policy.

I think that is a good idea.
[...]

I don't believe he's ever really had such a policy, his sarcastic
remarks to the contrary notwithstanding.
 
jacob navia

Nick said:
In the past Jacob Navia has stated that he will not fix
bugs that are reported by people who do not have a maintenance
contract.

Yes, for instance Mr Falconer wanted that I debug my IDE in his
486. He refused to accept to use a more modern machine.

In those cases a maintenance contract is needed, I am sorry.

In most cases I do fix bugs, as I have demonstrated here
quite a number of times. But I have days with only 24 hours,
and excuse me, I have to sleep, eat, etc etc, I can't work all the
time.

I have corrected most bugs presented by people even if they do not
have a maintenance contract. I can't give you *any* guarantee
that I will do so however. It depends if I have time, if the bug
is simple/blocking/important, or hard to fix and only appearing
in very unusual contexts.

If you have a maintenance contract you
have the priority, and your problems will be addressed first.

I think this is a bad idea.

He seems to have changed that policy.

No, see above. I always have the same policy of fixing *real*
bugs. There are things open for discussion, obviously.

I think that is a good idea.

I never did otherwise.
 
Antoninus Twink

Yes, for instance Mr Falconer wanted that I debug my IDE in his
486. He refused to accept to use a more modern machine.

You're lucky he didn't want you to make it interoperate with his
multithreaded Pascal code for the 8080...
 
santosh

jacob said:
Yes, for instance Mr Falconer wanted that I debug my IDE in his
486. He refused to accept to use a more modern machine.

I think the 486 can be safely ignored at this time. Very few C programs
of any significant size are portable onto every existent C
implementation, or even, I suspect, the majority of them.

For example, a piece of code in Chuck's own hashlib.zip which he says is
pure ISO C (and by implication, portable without modification to all
ISO C implementations), does not compile on systems where ULONG_MAX is
not exactly 2^32-1, as was shown by jaysome yesterday.

I think complaining that your IDE fails on the 486 is going a bit
overboard, particularly when you repeatedly mention on your site that
it is guaranteed to run only on Pentiums and above.
 
Morris Dovey

jacob said:
Yes, for instance Mr Falconer wanted that I debug my IDE in his
486. He refused to accept to use a more modern machine.

In those cases a maintenance contract is needed, I am sorry.

If part of the problem is not having a 486, you're invited to
contact me off line. I have one in storage that I don't mind
loaning out.

In most cases I do fix bugs, as I have demonstrated here
quite a number of times. But I have days with only 24 hours,
and excuse me, I have to sleep, eat, etc etc, I can't work all the
time.

You do seem to spend a fair amount of time posting to usenet. :-D
 
CBFalconer

jacob said:
Yes, for instance Mr Falconer wanted that I debug my IDE in his
486. He refused to accept to use a more modern machine.

No I didn't. I advised you that the system had failed within about
2 or 3 months of your causing the failure. You had no idea what
went wrong.

The later criticisms have been when you claim the system works
under W98. It doesn't, if the W98 is running on a 486. Note that
w98 doesn't care. You still don't know why your system fails.

BTW, all this, except the later advisories (about W98) happened
about 6 years ago.
 
CBFalconer

santosh said:
.... snip ...

For example, a piece of code in Chuck's own hashlib.zip which he
says is pure ISO C (and by implication, portable without
modification to all ISO C implementations), does not compile on
systems where ULONG_MAX is not exactly 2^32-1, as was shown by
jaysome yesterday.

I think complaining that your IDE fails on the 486 is going a bit
overboard, particularly when you repeatedly mention on your site
that it is guaranteed to run only on Pentiums and above.

Jacob doesn't point out that my complaint was 6 or more years ago,
and since then I have simply pointed out his error in claiming lcc
functions under W98.

I have put up replies about the hashlib problem. I would be very
happy to remove that restriction in cokusmt (it only affects the
testing sequence, not the library), but I have no equipment
suitable for testing. The other error is fixed by replacing stdin
with stdout, which it should have been in the first place. A
genuine insect.
 
rCs

I think the point was valid: If examples are given, they ought
to follow *all* the "good practice guidelines". The exhibited
code had *several* security, portability, and reliability issues.

i agree these comments are valid; this is the sort of feedback we are
looking for.

i only wish i could get you folks to post them as comments on the
wiki; it would really help.

also, please don't stop after you find one error--keep going!

thanks,
rCs
 
rCs

Brian,

Response below.

As it's a wiki, I don't expect any comments posted in NGs will be read.
You could use wget -np ... to download the pages, or get a possibly
earlier revision of the complete document (2MB) from
http://www.open-std.org/JTC1/SC22/WG14/www/docs/n1255.pdf.

The web pages seem to be an advert for his book.
The content reminds me too much of Schildt.
Started out as best practices before being pushed as a "standard", with
associated discussions, training, and tools available.
Says it provides rules and recommendations: seems like other coding
guidelines or suggestions of things to avoid; may be a useful checklist
to supplement other approaches.

the term coding standard has many different interpretations, and there
are a variety of ways such a document can be applied in practice. one
of these, clearly, is to adopt these as coding guidelines. we have
also had a great deal of interest from source code analysis tool
vendors, who would like to be able to check code for compliance with
the rule sets. in this sense, it does provide a "standard" set of
rules for multiple vendors to adopt.

thanks-
rCs
 
Richard Heathfield

rCs said:
Richard,

Answers below.


We tried to explain this in the Rationale section of our Scope:

https://www.securecoding.cert.org/confluence/display/seccode/Scope

Thanks. Alas, my browser crashed whilst trying to load that page, so I
ended up wgetting it.

The document says: "C99 is more widely implemented, but even if it were not
yet, it is the direction in which the industry is moving." Actually, C99
isn't very widely implemented at all, and it isn't a single direction in
which the entire industry is moving. Rather, various bits of the industry
are moving in some of the directions mapped out by C99, but there is
little unanimity.

I was hoping to provide rather more useful feedback to you about the actual
document. But in three attempts to access your site, I've had three
browser crashes. The browser I normally use for Usenet-posted links,
Konqueror, works just fine most of the time - so I have come to perceive
sites that it crashes on as badly-written sites (although of course that's
no excuse for its crashing).

Could you please publish a URL that allows me to download the entire
document as one file, via wget? I'm prepared to spend some time helping
you out, but I don't want to fight your Web site.
 
santosh

CBFalconer said:
Jacob doesn't point out that my complaint was 6 or more years ago,
and since then I have simply pointed out his error in claiming lcc
functions under W98.

But I'm not aware that he claims that the IDE *does* function under
Windows 98. Sure he might have claimed in the past, but I believe he no
longer does.

I have put up replies about the hashlib problem. I would be very
happy to remove that restriction in cokusmt (it only affects the
testing sequence, not the library), but I have no equipment
suitable for testing. The other error is fixed by replacing stdin
with stdout, which it should have been in the first place. A
genuine insect.

Yes, and the small problem with the makefile not functioning properly
under UNIX systems. It generates executables with a .exe suffix, but
the runtests file tries to invoke them without their suffix, which
fails. Also 'make hashlib' fails, because it tries to link hashlib.o
into a complete executable, which it can't be. However 'make' does
succeed. Also the forth test fails.
 
santosh

Richard said:
rCs said:


Thanks. Alas, my browser crashed whilst trying to load that page, so I
ended up wgetting it.
I was hoping to provide rather more useful feedback to you about the
actual document. But in three attempts to access your site, I've had
three browser crashes. The browser I normally use for Usenet-posted
links, Konqueror, works just fine most of the time - so I have come to
perceive sites that it crashes on as badly-written sites (although of
course that's no excuse for its crashing).

Could you please publish a URL that allows me to download the entire
document as one file, via wget? I'm prepared to spend some time
helping you out, but I don't want to fight your Web site.

Hm, I can browse that site fine in both Firefox, Galeon and Konqueror.
Strange that it crashes for you.
 
Richard Heathfield

santosh said:

Hm, I can browse that site fine in both Firefox, Galeon and Konqueror.
Strange that it crashes for you.

Possibly due to archaism at this end. Nevertheless, for most sites it works
fine, and I have never yet come across a reason powerful enough to justify
my spending time *today* to grab a later version. Scott Adams explained
the economics of this problem in one of his books.

Is there a single URL from which the "Standard" can be wgetted?
 
Nick Keighley

Nick Keighley wrote:

Yes, for instance Mr Falconer wanted that I debug my IDE in his
486. He refused to accept to use a more modern machine.

In those cases a maintenance contract is needed, I am sorry.

In most cases I do fix bugs, as I have demonstrated here
quite a number of times. But I have days with only 24 hours,
and excuse me, I have to sleep, eat, etc etc, I can't work all the
time.

I have corrected most bugs presented by people even if they do not
have a maintenance contract. I can't give you *any* guarantee
that I will do so however. It depends if I have time, if the bug
is simple/blocking/important, or hard to fix and only appearing
in very unusual contexts.

If you have a maintenance contract you
have the priority, and your problems will be addressed first.



No, see above. I always have the same policy of fixing *real*
bugs. There are things open for discussion, obviously.


I never did otherwise.

apologies if I misinterpreted you.
 
jacob navia

santosh said:
Hm, I can browse that site fine in both Firefox, Galeon and Konqueror.
Strange that it crashes for you.

His browser crashes when it sees the magic words
"C99"

:)
 
Antoninus Twink

If part of the problem is not having a 486, you're invited to
contact me off line. I have one in storage that I don't mind
loaning out.

Sometimes you wonder whether this group is for real. Did it occur to you
that Jacob might not care about debugging his IDE on a 486, since CBF is
the only person alive still using one, and he's probably only
complaining to be his usual contrary self?

And the economics of shipping a 486 box across the atlantic are
mind-boggling...
 
