Hal Murray <hmur...@megapathdsl.net>: > I like the strace idea. Why don't you collect some data, write the code to > process it, and compare the results with our code? It would be interesting > to > see how many unused slots we have.
Because that would be silly. At best I could exercise only a tiny random sample of the potential execution paths. Any sense of security we got from this would be false. On the other hand, static-compiling the binary and enumerating its trap calls would give correct results for all possible execution paths. This page http://projects.cerias.purdue.edu/forensics/old_projects/reverse/analysis.html describes a technique that shout be applicable. -- <a href="http://www.catb.org/~esr/">Eric S. Raymond</a> My work is funded by the Internet Civil Engineering Institute: https://icei.org Please visit their site and donate: the civilization you save might be your own. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel