OWASP talk and Cyclomatic Code Complexity

Simon Josefsson simon at josefsson.org
Tue Oct 7 14:53:42 CEST 2008

FYI, I gave a talk about open source security processes for the Swedish
OWASP chapter yesterday, see:


One consequence of that is that I have made some cyclomatic code
complexity charts for GnuTLS available, see:


Two of our security advisories have been in one of the top-five most
complicated functions, so performing code review on more complex
functions may be fruitful.

I've blogged about it too:


More information about the Gnutls-devel mailing list