Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
Ask HN: Would any code analysis tools have caught have caught heartbleed?
1 points
macarthy12
12y ago
3 comments
Save
Share
If not, why not? Is this kind of issue something that a language feature could avoid?
3 comments
3 comments · 2 top-level
top
newest
oldest
pascal_cuoq
12y ago
· 1 in thread
See
http://blog.regehr.org/archives/1125
(Heartbleed and Static Analysis)
macarthy12
OP
12y ago
Looks like the FLOSS community needs to start exploring these kind of tools.
cpeterso
12y ago
This blog post demonstrates how OpenSSL's unsafe C code can be migrated to a safe programming language called ATS (Applied Type System):
http://bluishcoder.co.nz/2014/04/11/preventing-heartbleed-bu...
j
/
k
navigate · click thread line to collapse
