Ask HN: Would any code analysis tools have caught have caught heartbleed? 1 points by macarthy12 12y ago ↗ HN If not, why not? Is this kind of issue something that a language feature could avoid?
[–] cpeterso 12y ago ↗ This blog post demonstrates how OpenSSL's unsafe C code can be migrated to a safe programming language called ATS (Applied Type System):http://bluishcoder.co.nz/2014/04/11/preventing-heartbleed-bu...
[–] pascal_cuoq 12y ago ↗ See http://blog.regehr.org/archives/1125 (Heartbleed and Static Analysis) [–] macarthy12 12y ago ↗ Looks like the FLOSS community needs to start exploring these kind of tools.
[–] macarthy12 12y ago ↗ Looks like the FLOSS community needs to start exploring these kind of tools.
3 comments
[ 2.7 ms ] story [ 16.9 ms ] threadhttp://bluishcoder.co.nz/2014/04/11/preventing-heartbleed-bu...