[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] [PATCH] Fixes for issues found by Coverity static analysi
Re: [Bug-wget] [PATCH] Fixes for issues found by Coverity static analysis
Mon, 27 Aug 2018 11:01:14 +0200
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
On 25.08.2018 08:20, Darshit Shah wrote:
> Hi Tomas,
> Thanks for running the scan and the patches you've made! I briefly glanced
> through those and they seem fine. Of course, they will need to be slightly
> modified to apply to the current git HEAD. I can do that in the coming days
> apply these patches.
These were based on the git HEAD at the time of sending. From what I checked
just now, that should be still the case. I'm working on
> I would like to ask you if there is a regular scan of Wget that you have set
> on Coverity. We used to run coverity scans regularly, but since the last year
> or so, I haven't managed to get the coverity binaries to execute on my system.
> So the scans stopped. If you have a scheduled run, I would like to be able to
> see the results on Coverity so that we can keep fixing those issues.
This is Red Hat's internal instance of Coverity combined with other static
analyzers. Nevertheless I can share the full results with you if needed. Please
let me know if I should send it to mailing list or to you directly.
> P.S.: It seems like you haven't assigned your copyrights to the FSF for Wget.
> Do you happen to know if your employer has assigned the copyrights on your
> behalf? I couldn't find any mentions in the list I have locally. You will
> shortly receive the assignment form in a separate email.
My knowledge is that Red Hat has agreement with FSF covering all its employees.
Since I'm a Red Hat employee and I'm sending these changes as part of my job, I
consider this to be implied. I have contributed to wget in the past with the
> * Tomas Hozza <address@hidden> [180825 02:21]:
>> We scanned the latest version of wget (1.19.5) with Coverity static
>> analyzer. It found some potentially important issues like RESOURCE LEAKS.
>> I'm attaching my proposed fixes for these issues. Each commit includes the
>> output from Coverity and the outcome of my analysis of the problem from
>> Tomas Hozza
>> Associate Manager, Software Engineering - EMEA ENG Core Services
>> PGP: 1D9F3C2D
>> UTC+1 (CET)
>> Red Hat Inc. http://cz.redhat.com
Associate Manager, Software Engineering - EMEA ENG Core Services
Red Hat Inc. http://cz.redhat.com