[AppDB] - protect against sql injection in select, update and delete statements

Chris Morgan cmorgan at alum.wpi.edu
Sun Jun 25 22:00:28 CDT 2006


On Sunday 25 June 2006 10:00 pm, Tony Lambregts wrote:
> Chris Morgan wrote:
> > Testing once beats testing over and over and over again IMO.
>
> That's why you want to make the patches small. Small patches are easy to
> review, test and prove the correctness of. Big patches are difficult to
> test and one bug rejects the whole thing, so you have to start all over
> again.
>
> > I suspect that if your testing looks good and mine does as well then we
> > should be ready to go.
>
> I will NOT be able to test a big patch again for a while, nor am I really
> willing to. I took quite a while out of my weekend to do the testing
> because I don't want a bad patch going into production again. We have had
> enough bad feelings going on over this that it was easier for me to do the
> testing than to continue arguing with you. I really have a limit though and
> I ask you politely to meet me halfway by breaking it up.
>
> > I'll fix up moving test results, that should be an easy one, and do
> > another once over of the patch before committing it.
> > I'm pretty confident that it is all set, I've tested submitting notes,
> > comments, applications, distributions etc here and it looks good.
>
> I do not support that idea. If you break the patch up into smaller chunks
> then those can be tested and hopefully put in.
>
> --
>
> Tony Lambregts

I'll break up the patch if you'll start submitting patches that implement 
automated testing.

Otherwise our testing is always going to have poor coverage and is going to be 
a waste of time.  It might be more difficult to implement automated testing 
but it will improve the codebase by allowing us to test it quickly and 
reproducibly.

Chris


