Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Fw: [nmap-svn] r6240 - nmap
From: Fyodor <fyodor () insecure org>
Date: Thu, 15 Nov 2007 16:34:11 -0800

On Fri, Nov 16, 2007 at 12:26:30AM +0000, Brandon Enright wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey guys, this is awesome.  How did we manage a Coverity scan?

I met their Open Source Strategist David Maxwell at a Google Summer of
Code Summit and sweet talked him into scanning the Nmap code base :).
Then Kris volunteered to look over their report today and has so far
confirmed and fixed a number of issues they identified.  So it looks
like the effort is paying off, just in time for the stable release :).

Here are the types of issues Coverity reported when scanning SOC6
(many of these are, of course, false positives):

Defects found            : 32 Total
                            7 DEADCODE
                            8 FORWARD_NULL
                            3 NEGATIVE_RETURNS
                            2 NULL_RETURNS
                            2 OVERRUN_STATIC
                            4 RESOURCE_LEAK
                            2 REVERSE_INULL
                            1 UNINIT
                            3 USE_AFTER_FREE

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
  • Re: Fw: [nmap-svn] r6240 - nmap Fyodor (Nov 16)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]