Let's use a better tool before injecting a ton of noise and work into the bug system. Asking knowledgable Mozilla community members may lead to an existing better tool: [EMAIL PROTECTED] and [EMAIL PROTECTED] mentioned Dawson Engler's work at Stanford on the Stanford Checker. So, google away, and let's take this exchange to the mozilla.security newsgroup....
And here we are. Anyone have experience with the Stanford Checker or other static code analysis tools based on C/C++ compiler front ends?
/be
