Hi Everyone,
We started running Crypto++ through https://lgtm.com, which provides
security related recommendations. We're seeing some old warnings like:
DERGeneralEncoder is signature-compatible with a copy constructor when its
default arguments are taken into account:
DERGeneralEncoder::DERGeneralEncoder(DERGeneralEncoder &outQueue, byte
asnTag)
: ByteQueue(), m_outQueue(outQueue), m_asnTag(asnTag), m_finished(false)
{
}
I think that was a design choice by Wei early in the library. I think the
complaint is mostly style, but I don't like that it is getting in the way
of a quick-and-dirty security evaluation. That's a recipe for bug reports,
mailing list messages and failed audits.
My question is, should we clear them?
The potential side effect is, if we clear them, then we break ABI and have
to major bump the library.
Jeff
--
You received this message because you are subscribed to "Crypto++ Users". More
information about Crypto++ and this group is available at
http://www.cryptopp.com and
http://groups.google.com/forum/#!forum/cryptopp-users.
---
You received this message because you are subscribed to the Google Groups
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/cryptopp-users/0c64ff4c-323f-48fe-8d5c-abd20bbc144f%40googlegroups.com.
