On 2/24/2019 4:11 PM, Martin Gregorie wrote:

>
> Do you have a scanner that picks up use of insecure library functions in
> your code? Do you patch code when the scanner spots insecure functions?
> If not, why not?
>
> These days all my personal library functions (and many of my self-
> contained, non-trivial Java classes as well as C modules) have test
> harnesses and sets of regression tests that deal with edge cases. The
> code I write is more robust and reliable as a result. Do you do this?
> Again, if not, why not?

How do you scan and test GUI? DO you trust the GUI? :)

--
   @~@   Remain silent! Drink, Blink, Stretch! Live long and prosper!!
  / v \  Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
   ^ ^   (x86_64 Ubuntu 9.10)  Linux 2.6.39.3
¤£­É¶U! ¤£¶BÄF! ¤£½ä¿ú! ¤£´©¥æ! ¤£¥´¥æ! ¤£¥´§T!
¤£¦Û±þ! ¤£¨D¯«!
½Ð¦Ò¼{ºî´© (CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa

--- SoupGate-Win32 v1.05