tag:blogger.com,1999:blog-34826778.post7457309299147777647..comments2023-11-26T20:17:38.912-08:00Comments on EM_386: Code Auditing ChecklistChris Rohlfhttp://www.blogger.com/profile/06213034368649454197noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-34826778.post-16030185875164894142009-09-11T02:36:51.264-07:002009-09-11T02:36:51.264-07:00Thanks for expressing so little exposed common-sen...Thanks for expressing so little exposed common-sense.<br /><br />I am not as involved as you are in the audit of foreign code but I agree with the problems caused by (often pointless) complexity (too many small functions, too deep levels of call chain, etc.).<br /><br />And Apache is a very good example of that bad practice.<br /><br />If it is difficult for a programmer to read complex code, chances are that computers will ALSO have trouble chewing it.<br /><br />Hence the virtues of lean coded. <br /><br />Small programs are easier to audit, they contain less code (and less bugs), and computers execute them faster.Unknownhttps://www.blogger.com/profile/05687189702186834855noreply@blogger.comtag:blogger.com,1999:blog-34826778.post-406087997640072682007-10-13T02:46:00.000-07:002007-10-13T02:46:00.000-07:00Another nice thing to do is too start from input ...Another nice thing to do is too start from input points in the code, like reading from a file or a socket. This too uncovers things at a much faster pace.Anonymousnoreply@blogger.com