OWASP talk and Cyclomatic Code Complexity
Simon Josefsson
simon at josefsson.org
Tue Oct 7 14:53:42 CEST 2008
FYI, I gave a talk about open source security processes for the Swedish
OWASP chapter yesterday, see:
http://josefsson.org/talks/owasp-sec.pdf
One consequence of that is that I have made some cyclomatic code
complexity charts for GnuTLS available, see:
http://josefsson.org/cyclo/
http://josefsson.org/cyclo/cyclo-gnutls.html
Two of our security advisories have been in one of the top-five most
complicated functions, so performing code review on more complex
functions may be fruitful.
I've blogged about it too:
http://blog.josefsson.org/2008/10/07/cyclomatic-code-complexity/
/Simon
More information about the Gnutls-devel
mailing list