Dear Friends,
I discovered flawfinder reading an article in French GNU/Linux magazine.
Flawfinder (available from Debian SID) seems to be a very interesting
tool.
Please find attached the result from $ flaw /trunk flaw.txt.
http://www.gooze.eu/sites/default/files/download/flawfinder.txt
Hits =
Le 10 octobre 2010 09:20, Jean-Michel Pouré - GOOZE jmpo...@gooze.eu a écrit :
I discovered flawfinder reading an article in French GNU/Linux magazine.
Flawfinder (available from Debian SID) seems to be a very interesting
tool.
Please find attached the result from $ flaw /trunk flaw.txt.
Le dimanche 10 octobre 2010 à 10:43 +0200, Ludovic Rousseau a écrit :
Now you can analyse each result.
And if a real problem is present explain it and propose a patch.
Of course this is the hard part of the job.
The answer to this question depends on the quality of flawfinder
reports.
If
On Oct 10, 2010, at 1:10 PM, Jean-Michel Pouré - GOOZE wrote:
Le dimanche 10 octobre 2010 à 10:43 +0200, Ludovic Rousseau a écrit :
Now you can analyse each result.
And if a real problem is present explain it and propose a patch.
Of course this is the hard part of the job.
The answer to
Hi!
What are the limitations in OpenSC?
1. There is no kind of abstraction in the current SM code. At the
moment every card driver implements its own version of secure
messaging. This leads to duplicated code. For example, what I saw
at the first glance is that every card driver
