> From: Dan Kaminsky <d...@doxpara.com>
> Took a look. There are mild issues
> but nothing I'm seeing yet that
> causes clear error. Maybe the <1% error from the
> nonspherical nature
> of the planet could yield something interesting, but thus
> far I'm not
> impressed that a statistically significant fault has been
> found.
Nor would you find anything like that.
The situation is like security vulnerabilities in code. Those who write the
code are motivated not to see the bugs because they want to believe there are
none. At the same time, vuln researchers are motivated to figure out how to
make any minor bug into something major they can exploit.
The same is true of this code. I see lots of problems, such as failure to
sanitize inputs, failure to sanity check results, and table of arbitrary values
that adjust the final result with no documentation as to why they are there.
For example, look at line 47 of "cru-code/linux/mod/homogeneity.f90".
In any case, the issue isn't "accidental" bugs so much as "intentional" ones.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
