Re: Purify/Insure++ (fwd)

[Dirk-Willem van Gulik <di...@jrc.it>]

Does anyone have experience with it; I cannot get it
to work on BSD.

Dw.

---------- Forwarded message ----------
Date: Wed, 14 Jan 1998 09:54:55 -0600
From: Dan Nelson <dn...@emsphone.com>
To: "Jordan K. Hubbard" <jk...@time.cdrom.com>
Cc: hackers@FreeBSD.ORG, The Hermit Hacker <sc...@hub.org>
Subject: Re: Purify/Insure++

In the last episode (Jan 13), Jordan K. Hubbard said:
> > 	I guess this begs the question as to what they would consider a
> > large enough market in order to do the port?  Same for pretty much
> > any commercial port, how many ppl would have to commit to
> > purchasing a copy to make it viable for them?
> 
> In other words, "Forget it."  If we want Insure or Purify in the free
> software world, we're going to have to do our own versions and hope
> that there aren't too many software patents on the process.

Not sure if this is in the same area of "debugging" tools or in a
different niche, but I've had good results with the bounds-checking gcc
patch to 2.7.2.  It slows down your program quite a bit when enabled,
but does range and type checking on every variable, pointer, and array
in your code.   Makes finding buffer-overflow bugs a no-brainer.

The code is for 2.7.2, but should build on 2.7.2.1 with minimal
patching.  Wonder if the egcc people are thinking about a
bounds-checking patch; would be a nice addition.

Re: Purify/Insure++ (fwd)

[Dean Gaudet <dg...@arctic.org>]

I noticed that the Checker stuff is in gcc-2.8.0.  Dunno if it's
functioning on i386 yet.  I gave up on the older version of Checker, it
was just too painful to try to get it working again (it works on really
old linux boxes, with old libc and old gas).

Dean

On Thu, 15 Jan 1998, Dirk-Willem van Gulik wrote:

> 
> Does anyone have experience with it; I cannot get it
> to work on BSD.
> 
> Dw.
> 
> ---------- Forwarded message ----------
> Date: Wed, 14 Jan 1998 09:54:55 -0600
> From: Dan Nelson <dn...@emsphone.com>
> To: "Jordan K. Hubbard" <jk...@time.cdrom.com>
> Cc: hackers@FreeBSD.ORG, The Hermit Hacker <sc...@hub.org>
> Subject: Re: Purify/Insure++
> 
> In the last episode (Jan 13), Jordan K. Hubbard said:
> > > 	I guess this begs the question as to what they would consider a
> > > large enough market in order to do the port?  Same for pretty much
> > > any commercial port, how many ppl would have to commit to
> > > purchasing a copy to make it viable for them?
> > 
> > In other words, "Forget it."  If we want Insure or Purify in the free
> > software world, we're going to have to do our own versions and hope
> > that there aren't too many software patents on the process.
> 
> Not sure if this is in the same area of "debugging" tools or in a
> different niche, but I've had good results with the bounds-checking gcc
> patch to 2.7.2.  It slows down your program quite a bit when enabled,
> but does range and type checking on every variable, pointer, and array
> in your code.   Makes finding buffer-overflow bugs a no-brainer.
> 
> The code is for 2.7.2, but should build on 2.7.2.1 with minimal
> patching.  Wonder if the egcc people are thinking about a
> bounds-checking patch; would be a nice addition.
> 
> 
>