[Cryptography] Ada vs Rust vs safer C

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sun Sep 18 10:44:05 EDT 2016


Florian Weimer <fw at deneb.enyo.de> writes:

>I'm not sure.  PREfast is explicitly targeted at “small code bases”:
>
>| Users commonly run PREfast over a section of code, view results,
>| make fixes, and then run PREfast again. It is recommended that you
>| divide your build into small (10 MB or less) sections, and run
>| PREfast on each section.

That's just saying that if you have a huge code base you may want to break it
up into smaller pieces to speed up analysis.  All of the static analysers take
a long time/lots of CPU to run, and re-analysing the entire code base every
time would be pretty slow.  Certainly for PREfast on my code it's a case of
going away to do something else when it's running while I can do a full
rebuild in about 30 seconds.  That's not a big deal, I wouldn't really care if
it had to run overnight to work.

>If there are annotations that are really helpful and not utterly Windows-
>specific, we can put them into GCC.  We just need documentation.

None of them are Windows-specific, it's just things like "this value can only
take ranges between 0 and 100" or "this value points to a buffer whose size is
defined by that other value".  There are composite annotations that say things
like "this is a handle to some Windows-specific thing", but they're just
convenience macros built up from the lower-level primitives.

Peter.
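
Annotations of the kind described above, as an added example that is not part of the original post: Microsoft's SAL macros `_In_range_`, `_In_reads_bytes_` and `_Out_writes_bytes_` state a value range and a buffer whose size is given by another parameter. The function `copy_fraction`, the composite macro `IN_PERCENT` and the empty fallback definitions for non-MSVC compilers are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* SAL annotations come from <sal.h> on MSVC. Assumption: on any other
   compiler they are defined away so the same source still builds. */
#ifdef _MSC_VER
#include <sal.h>
#else
#define _In_range_(lo, hi)
#define _In_reads_bytes_(n)
#define _Out_writes_bytes_(n)
#define _Success_(expr)
#endif

/* Hypothetical composite annotation built from a lower-level primitive. */
#define IN_PERCENT _In_range_(0, 100)

/* Copy the leading `percent` per cent of src into dst.
   Returns the number of bytes copied, or -1 if a contract is violated. */
_Success_(return >= 0)
long copy_fraction(_Out_writes_bytes_(dst_len) unsigned char *dst,
                   size_t dst_len,
                   _In_reads_bytes_(src_len) const unsigned char *src,
                   size_t src_len,
                   IN_PERCENT int percent)
{
    /* Runtime checks mirroring the annotations: the analyser checks the
       callers it can see, these cover the callers it cannot. */
    if (dst == NULL || src == NULL)
        return -1;
    if (percent < 0 || percent > 100)
        return -1;
    /* Split the multiplication so it cannot overflow size_t; n <= src_len. */
    size_t n = src_len / 100 * (size_t)percent
             + src_len % 100 * (size_t)percent / 100;
    if (n > dst_len)
        return -1;
    memcpy(dst, src, n);
    return (long)n;
}

int main(void)
{
    unsigned char src[250] = {0}, dst[128];
    return copy_fraction(dst, sizeof dst, src, sizeof src, 40) == 100 ? 0 : 1;
}
```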

