| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1508268493.4513.39.camel@linux.vnet.ibm.com>
Date: Tue, 17 Oct 2017 15:28:13 -0400
From: Mimi Zohar <zohar@...ux.vnet.ibm.com>
To: SF Markus Elfring <elfring@...rs.sourceforge.net>,
linux-integrity@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org
Cc: Julia Lawall <julia.lawall@...6.fr>,
Alexander Steffen <Alexander.Steffen@...ineon.com>,
linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
Corentin Labbe <clabbe.montjoie@...il.com>,
Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
Jason Gunthorpe <jgunthorpe@...idianresearch.com>,
Jerry Snitselaar <jsnitsel@...hat.com>,
Kenneth Goldman <kgold@...ux.vnet.ibm.com>,
Michael Ellerman <mpe@...erman.id.au>,
Nayna Jain <nayna@...ux.vnet.ibm.com>,
Paul Mackerras <paulus@...ba.org>,
Peter Hüwe <PeterHuewe@....de>,
Stefan Berger <stefanb@...ux.vnet.ibm.com>
Subject: Re: char/tpm: Improve a size determination in nine functions
On Tue, 2017-10-17 at 20:41 +0200, SF Markus Elfring wrote:
> Do you find my wording “This issue was detected by using the
> Coccinelle software.” insufficient?
The question is not whether it is insufficient, but whether it is
appropriate. Detecting Coccinelle issues is one step. The next step
is deciding what to do with them. Up to now, these messages have been
sent out as informational, not as patches.
Before sending patches to change existing code, address the "problem"
so that it doesn't continue to happen. Only afterwards is it
appropriate to discuss what to do with existing code.
Mimi
Powered by blists - more mailing lists