Dailydave mailing list archives

Re: Fwd: Re[2]: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did

From: Halvar Flake <halvar () gmx de>
Date: Thu, 5 Feb 2004 16:34:17 +0100

Hey all,

RT> Oops, I'm thinking like a developer who expects to be responsible for
RT> building robust, testable, maintainable code before it's delivered
RT> to Q-A or the customer, or subjected to some pornographic test cooked up
RT> by CTO (Chief Torture Officer) Aitel using Canvas.  

:-) Static arrays have their place, and nobody says you should
dynamically allocate everything you need. But if you manage to build
me a tree of dynamically calculated depth or a cyclic graph without the
use of pointers, you can be sure that the code you created is less
readable and maintanable than the "elegant" solution.

Humans invented complex data structures for a reason. I am not saying
that they should be applied indifferently. In general, when writing
secure code, you should try to keep the shape of your data structures
simple. But sometimes that is impossible unless you're willing to
trade O(n) to O(n^c) or something a lot worse.

Cheers,
Halvar

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Fwd: Re[2]: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Rodney Thayer (Feb 05)
- Re: Fwd: Re[2]: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Halvar Flake (Feb 05)
  - Re: Fwd: Re[2]: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Rodney Thayer (Feb 05)