 
It's not a very advanced regular expression, but I still find this a bit alarming in the Linux kernel:

$ git log --no-merges v3.5..v3.6 |egrep -i '(integer|counter|buffer|stack|fix) (over|under)flow' | wc -l
31

How many were security relevant? How many got CVEs?
3 comments
 
The following finds the moral equivalent, counts a bit more, and counts each commit only once (I think egrep piped to wc counts dd03e73481 as three hits, for example):

$ git log --oneline --no-merges \
  --all-match --regexp-ignore-case \
  --grep='\(integer\|counter\|buffer\|stack\|fix\)' \
  --grep='\(over\|under\)flow' v3.5..v3.6  | wc -l
53

You can lose "--oneline" and "| wc -l" to view the messages in full glory. While reading the output in "less", you can type

/(integer|counter|buffer|stack|fix) (over|under)flow

and see the difference made by using "log --grep".
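Added example, not part of the original thread: a throwaway repository with four constructed commits (made-up messages, no v3.5..v3.6 range) shows why the two counts differ. The helper names and the demo identity are assumptions of this example.

```bash
#!/bin/sh
# Constructed demo: line-based egrep counting vs. commit-based `git log --grep`.

commit() {  # commit <repo> <git-commit args...>
    local d=$1; shift
    git -C "$d" -c user.name=demo -c user.email=demo@example.invalid \
        -c commit.gpgsign=false commit -q --allow-empty "$@"
}

make_demo_repo() {  # prints the path of a fresh repo with 4 constructed commits
    local d
    d=$(mktemp -d) || return 1
    git -C "$d" init -q
    # Three matching lines in ONE commit: the line-based count sees 3 hits.
    commit "$d" -m "net: fix overflow in rx path" \
        -m "A buffer overflow happens on long frames.
Avoid the integer overflow when adding header sizes."
    # Keywords on different lines: invisible to the adjacent-word regex,
    # but matched by two --grep patterns combined with --all-match.
    commit "$d" -m "fs: validate stack depth" \
        -m "Deep nesting could underflow the depth counter."
    commit "$d" -m "docs: describe stack layout"          # first pattern only
    commit "$d" -m "mm: handle overflow of the page count" # second pattern only
    echo "$d"
}

count_egrep_lines() {  # the post's pipeline: counts matching LINES
    git -C "$1" log --no-merges |
        grep -Ei '(integer|counter|buffer|stack|fix) (over|under)flow' | wc -l
}

count_all_match() {    # the comment's command: counts matching COMMITS
    git -C "$1" log --oneline --no-merges --all-match --regexp-ignore-case \
        --grep='\(integer\|counter\|buffer\|stack\|fix\)' \
        --grep='\(over\|under\)flow' | wc -l
}

count_any_match() {    # same, without --all-match: either pattern suffices
    git -C "$1" log --oneline --no-merges --regexp-ignore-case \
        --grep='\(integer\|counter\|buffer\|stack\|fix\)' \
        --grep='\(over\|under\)flow' | wc -l
}

demo=$(make_demo_repo)
echo "egrep | wc -l (lines):        $(count_egrep_lines "$demo")"
echo "--grep --all-match (commits): $(count_all_match "$demo")"
echo "--grep, any match (commits):  $(count_any_match "$demo")"
rm -rf "$demo"
```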
 
Please don't publish this, the PaX folks will start whining they want all commits marked this way...
 
Not to forget those: ;)

$ git log --oneline --no-merges --grep='info.*leak' v3.5..v3.6 | wc -l
21