yyredo and yy_use_redo_text
Matthias Andree
matthias.andree at gmx.de
Mon May 12 00:04:56 CEST 2003
On Fri, 09 May 2003, David Relson wrote:
> In any case, yy_use_redo_text does not present any vulnerabilities. I'll
> try to explain why...
I'm not worried about this function in particular, but about semantics.
The assumptions that the yy_use_redo_text function makes hold today, but
will they hold when someone (like me, who isn't aware of the full
semantics) adds another call to that function that doesn't meet the
requirements?
After all, the preconditions aren't documented, and rather than
documenting them, we can instead ensure them. That's going to give us
code that notices when something's going wrong. It doesn't handle that
condition gracefully, but that a different issue.
C may be fast, and may be good for systems programming, but it has the
nasty habit of reporting virtually no errors. That's what makes it fast
and dangerous.
--
Matthias Andree
More information about the bogofilter-dev
mailing list