Dailydave mailing list archives
Re: Today's thought
From: Matt Hargett <matt () use net>
Date: Sat, 29 May 2004 11:44:06 -0700
Halvar Flake wrote:
Did they mention that in one of their papers? I only read a few that Newsham pointed me at a year or two ago and didn't see it mentioned. I seem to remember you telling me a year or so ago that you didn't see the point in interfunction value tracking, nice to know you and I are in agreement now :)I know that I am sometimes a bit hard to understand, but please do not claim such bullshit publically. Anyone who has talked to me in the timesince ... err ... 2001 ... knows that I was working on a decent interprocedural dataflow code. First stab was ObjRec, and that was early2001. I don't know how you come to the above, and can only assume you completely misunderstood what I was saying.
I've never seen ObjRec other than over someone's shoulder, so I have no idea how you implemented things there. I seem to recall we were talking about detection of "size" bugs, and you were talking about backtracing. I said that I preferred the PC-Lint approach of starting at the allocators and coloring the dataflow moving forward, which seems like more work at first, but after you do everything necessary for decent backtracing one realises that coloring forward is about the same computationally in the worst case. The sticking point was that I said either approach is quite limited without interfunction dataflow and value tracking (which PC-Lint also does... sometimes). You then said that value tracking wasn't useful, and I disagreed given my experience with finding certain classes of bugs only in the presence of interfunction value tracking. I don't remember the rest of the conversation.
I'm pretty sure I understood you clearly, since you were in disagreement with what I was saying. Perhaps the confusion is in interfunction dataflow coloring versus actual value tracking and simulation versus forward tracing instead of backtracing? Maybe you were just screwing with me? Perhaps that conversation never happened and it was all a dream...
In any event, I didn't intend to upset/insult you publically or privately with my comments. Please accept my apologies :)
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Today's thought Dave Aitel (May 25)
- Re: Today's thought Halvar Flake (May 25)
- Re: Today's thought Matt Hargett (May 26)
- Re: Today's thought Halvar Flake (May 26)
- RE: Today's thought Chris Eagle (May 27)
- Re: Today's thought Dave Aitel (May 27)
- Re: Today's thought Dave Aitel (May 27)
- Re: Today's thought Matt Hargett (May 27)
- Re: Today's thought Halvar Flake (May 27)
- Re: Today's thought Matt Hargett (May 29)
- Re: Today's thought Halvar Flake (May 29)
- Re: Today's thought Halvar Flake (May 26)