curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: Regarding CVE-2016-9594 (uninitialized random)

From: Michael Felt <michael_at_felt.demon.nl>
Date: Sat, 18 Feb 2017 18:02:19 +0100

On 18/02/2017 11:14, Daniel Stenberg wrote:
>> I see warnings - frequently - from the IBM xlc compiler, but they
>> seem to be missed or ignored by gcc (default flags).
>
I probably should have been clearer - warnings on other projects. From
memory curl is was clean last go around.
> We need to keep building curl with a set of different compilers on
> different hardware and different operating systems to make sure we
> keep the warnings to a minimum. That's one of the purposes of the
> autobuilds: https://curl.haxx.se/dev/builds.html
>
> I personally build with as picky compiler warnings as possibly in my
> every day development as a way to at least address the most obvious
> problems early on. And I browse the autobuilds every now and then to
> see what I can do to fix more warnings.

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-02-18