OT coverity scan of qmail -- 53 potential defects (with false positives)

Georgi Guninski guninski at guninski.com
Sun Jul 1 09:05:51 PDT 2018


From my blog: https://j.ludost.net/blog/archives/2018/07/01/coverity_scan_of_qmail_--_53_potential_defects_with_false_positives/index.html


coverity scan of qmail -- 53 potential defects (with false positives)

Coverity is a commercial static source code analyzer accepting some
open source projects for free.

Did a scan of djb's qmail, the results are at:

https://scan.coverity.com/projects/qmail


The tool gave only 53 defects. A quick scan suggests that the non-false
positives are logically dead code (might be wrong about this).

To access the defects, you will need a Coverity account (free,
captchas).

djb is giving a monetary bounty for qmail, owing me a bounty he couldn't
reproduce because of lack of virtual memory on old FreeBSD ;)


