From: Chad Perrin
To: freebsd-security@freebsd.org
Date: Fri, 25 Apr 2014 11:50:56 -0600
Subject: Re: OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?
Message-ID: <20140425175056.GA8508@glaze.hydra>
In-Reply-To: <86zjj9mivi.fsf@nine.des.no>

On Fri, Apr 25, 2014 at 07:14:25PM +0200, Dag-Erling Smørgrav wrote:
> Ben Laurie writes:
> > Dag-Erling Smørgrav writes:
> > > https://en.wikipedia.org/wiki/Halting_problem
> > Curious what the halting problem can tell us about finding/fixing bugs?
>
> Some participants in this thread claim that there is no such thing as a
> false positive from a static analyzer. A corollary of the halting
> problem is that it is impossible to write a program capable of proving
> or disproving the correctness of all programs. Hence, static analysis
> must perforce produce both false positive and false negative results.
> The purpose of static analysis in a compiler is to identify possible
> optimizations; therefore it must be conservative, because a false
> negative may result in incorrect code; therefore it will produce many
> false positives.

While I'm letting myself get embroiled in this, I have a question:

Do you claim that the Clang static analyzer is essentially worthless for
finding and fixing security-related bugs because it is more trouble to
make use of its output than its output is worth, or does it only *seem*
like that is your claim?

--
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]