2005-04-12 -+- Winny Thomas -+- winny.thomas@nevisnetworks.com -+- Hi, <br>     I came across your article today. Your article is interesting and was useful for me. I work in an audit team and do a lot of code reading to find holes. I came up with a tool to make my work easy. As of now the tool (i call it codescanner) scans C source files and finds out the following for me and prints out the corresponding line number in the source code. <br> <br>1. calls to allocation routines without checks on return value <br>2. presence of formatting functions like printf without the format specifier <br>3. presence of uninitialized variables and their use on the right hand side of an assignment <br> <br>Well my tool works fine, except that its very slow when it has to look at a directory. I use a linked list to store file information. Your article mentioned that linked lists are not a very useful data structure for heavy weight work, especially searching. so that was a useful tip for me. also running my tool with profiling gave me a good picture of where my code spends most of the time.  <br>Thank you very much for a good article. <br> <br>Regards, <br>Winny -+- 220.225.34.210 = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
2005-06-07 -+- ghazal hassanzadeh -+- nika20082002@yahoo.com -+- not bad -+- 217.219.147.177 = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
2006-01-15 -+- gxguo -+- gxguo@pub.ss.pku.edu.cn -+- good , very good . it's help for me to solve the problem , thank  you -+- 221.221.215.177 = Mozilla/5.0 (X11; U; Linux i686; zh-CN; rv:1.2.1) Gecko/20030225