Secure Coding mailing list archives

Re: auditing

From: Crispin Cowan <crispin () immunix com>
Date: Mon, 03 May 2004 22:41:56 +0100


jnf wrote:

Someone just suggested ctags, I've never heard of ctags or cscope- I will 
look at them. I don't really know what I was looking for,


ctags kind turns C source code into hypertext: you put your cursor on a 
function call in a source file, press the magic key, and vi[m] jumps to 
the appropriate line in the appropriate source file where that function 
is implemented. Press another magic key, and vi[m] jumps back to the 
call site. Makes it easy and convenient to do a calling-tree structured 
exploration of source code. I found it very valuable for understanding 
how a program is intended to function.


I often find it 
quite furstrating trying to keep track of whats going on across XX global 
variables inside of XX internal functions, and so on- so really anything 
that would help me keep track of it, I suppose a debugger and alot of 
 

ctags does not track variables at all. It only does the above hypertext 
trick.


Crispin

--
Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
CTO, Immunix          http://immunix.com/

Current thread:

auditing jnf (May 03)
- Re: auditing James Walden (May 03)
  - Re: auditing jnf (May 03)
    - Re: auditing ljknews (May 03)
    - Re: auditing Jose Nazario (May 03)
    - Re: auditing jnf (May 05)
    - Re: auditing Paco Hope (May 03)
    - Re: auditing Crispin Cowan (May 03)
- Re: auditing ljknews (May 03)