[ros-dev] Code Auditing Questions
Brandon Turner
turnerb7 at msu.edu
Sun Jan 22 20:55:26 CET 2006
M Bealby wrote:
>Hey all,
>
><snip>
>
>
>Reporting of errors?
>
>How should I go about reporting the errors? I was previously told to
>report all occasions of the incorrect uses of the RtlAllocateHeap
>function under the same bug number (no 1110, some still unfixed). Is
>this the preferred method for my code auditing results? I would like
>to submit the bugs as quickly as possible, so I can keep my working
>tree as close to possible to head, but this may mean submitting
>multiple bug reports for the same problem. I think that the best
>option is to submit similar bugs in the same module under the same
>report, but open a new bug if the same vulnerability occurs in another
>module. Thoughts?
>
>
We ask that they go in bugzilla just because just for bookeeping
purposes and so that it doesnt get lost and forgotten. Though at time
bugzilla is neglected. I will try to keep up with you on the reports
that you send it. Im sorry I didnt do a better job in the past, I forgot
about that bug. Also, if you are in irc and something is small fix that
you dont want to report to bugzilla, im usually in there and mostly I
have time here and there to fix things throughout the day.
>
>These are just some of my ideas that are floating around in my head at
>the moment. I would welcome all feedback on this matter and I think I
>may create a wiki page with the same information on. Again, thoughts
>on this would be nice as I haven't really used wiki's before.
>
>Cheers,
>Martin
>_______________________________________________
>Ros-dev mailing list
>Ros-dev at reactos.org
>http://www.reactos.org/mailman/listinfo/ros-dev
>
>
>
>
Brandon
More information about the Ros-dev
mailing list