Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 17 Sep 2012 02:20:30 +0400
From: Solar Designer <>
Subject: Re: Static analysis of John using Coverity

On Sun, Sep 16, 2012 at 11:59:23PM +0400, Alexander Cherepanov wrote:
> On 2012-09-14 03:14, Solar Designer wrote:
> > Jumbo's code quality is too low.  (The core tree's could be
> > improved as well, to be fair.)  Well, maybe some of the positives will
> > make us identify and patch specific bugs... while keeping the overall
> > quality almost as low.
> Do you have in mind some specific directions in which jumbo could be
> improved?

Pieces of code could be rewritten from scratch, and we could start to
impose some restrictions on what gets accepted into jumbo - maybe for
non-format-specific source files only.  This may partially defeat the
purpose of jumbo, though - especially if we impose restrictions on
formats as well.

For example, as I mentioned before, I think that jumbo's changes to
wordlist.c should be reimplemented from scratch.

> Wish-list wiki page mostly lists desired features, maybe it's
> worth to make a list of wishes regarding code quality.

Yes, perhaps.  It should not hurt to wish.

> BTW do you have any plans regarding integrating parts of the jumbo into
> the core?

I'd like to integrate some functionality introduced in jumbo into core,
reimplementing it for core at that time.  For example, if I find time,
it is quite possible that I'll actually reimplement those wordlist.c
changes - and if I am the one to do it, most likely I'll do it in core.

I previously did that for a few things, such as faster processing of
successful guesses (updating rather than regenerating hash tables),
which first appeared in unofficial patches.  More recently, in context
of myrice's GSoC project, I also introduced prepare() and source() into
core - well, this is not committed yet, but patches against core exist
and I do intend to commit them.


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ