[Snort-devel] Results of a quick/light code review
linux_4ever at ...398...
Tue Sep 23 08:31:12 EDT 2003
I'm continuing to go through the snort code and have some early
results I'd like to share. The results admittedly border on
cherry picking, but there are quite few things that need fixing.
If I have time, I'll try to get deeper into the code and do more
* rindex, recv, sin, signal, time, free, read, write, system,
index are bad variable names.
*foo(); is not an ANSI function prototype. foo(void); is. The
compiler treats them very differently.
*atoi is a deprecated function. strtol or strtoul should be used.
*errno should be cleared and checked after each use of strtol or
*bzero is a deprecated function. memset should be used.
1098: String format specified, ReferenceNode type was passed. sb
133: String format specified, no arguments
150: unsigned int format specified, long unsigned int passed
129: Several format specifiers in format string. No arguments
138: Several format specifiers in format string. No arguments
131: Format string has no arguments specified. Two are passed.
265: Character format specified, pointer passed.
999: Long unsigned int specified. int passed.
291: 2 arguments specified by format, 3 passed
662: 2 arguments specified in format, only 1 is passed
1511: 4 arguments specified in format, only 3 are passed
3512: 3 arguments specified in format, only 1 is passed
3761: No arguments specified in format, 1 is passed
1230: The if statement has a ; to the right of the closing
1708: I think there's an extra comma between format specifier
224: 3 arguments specified in format, only 2 are passed
344: 3 arguments specified in format, only 1 is passed
348: Should mask be: 0x80000000 or 0xFFFFFFFF ? 1 is a signed
number which has 31 bits, not 32. It then gets converted to
unsigned. Using a constant is clearer.
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
More information about the Snort-devel