On 12 August 1998, D.A. Harris <rodmur(_at_)ecst(_dot_)csuchico(_dot_)edu>
On Wed, Aug 12, 1998 at 07:17:56AM +0300, Liviu Daia wrote:
Well, as I said before, I don't think anybody in his right minds
would volunteer to dig through the code looking for overflows. But
there is something that could be done about it with relatively
minimal effort: run Procmail against a memory debugger. I happen to
have access to Insure++ here (that's a commercial memory debugger,
similar to but much better than Purify); so if anybody out there
would care to put together a kind of test suite, I'll run it, and
post the results here. If there is enough interest for that I'll
also post the coverage analysis report so that the suite can be
Would would be involved in writing a test suite?
I'm not sure I really understand your question, but I'll try to
answer two slightly modified versions of it:
(1) "What would be involved in writing a test suite?"
Basically, putting together a set of messages to feed Procmail,
and a set of invocation scenarios --- in order to stress test the most
commonly used (ideally: all) branches of the code. Building a simple
test suite would require understanding the user interface (command
line options, recipes and so on), while building something more useful
(that would be relevant for security issues) would require a minimal
familiarity with the code.
(2) "Would you be involved in writing a test suite?"
No, since I actually stopped using Procmail a while back.
Dr. Liviu Daia e-mail: daia(_at_)stoilow(_dot_)imar(_dot_)ro
Institute of Mathematics web page: http://www.imar.ro/~daia
of the Romanian Academy PGP key: finger