"Secure coding" audit checkers and Kerberos
john at iastate.edu
Wed Oct 15 00:35:43 EDT 2008
> When error handling is necessary, it's often better if there is one
> error path and not many. If we are concatenating three strings into an
> allocated buffer, I do not want to see unreachable and untestable error
> paths on each of the three string-copy calls.
It seems to me that here is where static analysis tools,
(like Coverity's), can be a help.
More information about the krbdev