Re: [Bug-wget] [PATCH] Fixes for issues found by Coverity static analysi

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [PATCH] Fixes for issues found by Coverity static analysi

From:	Tim Rühsen
Subject:	Re: [Bug-wget] [PATCH] Fixes for issues found by Coverity static analysis
Date:	Mon, 27 Aug 2018 12:59:55 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

On 08/27/2018 11:01 AM, Tomas Hozza wrote:
> Hi Darshit.
> 
> On 25.08.2018 08:20, Darshit Shah wrote:
>> Hi Tomas,
>>
>> Thanks for running the scan and the patches you've made! I briefly glanced
>> through those and they seem fine. Of course, they will need to be slightly
>> modified to apply to the current git HEAD. I can do that in the coming days 
>> and
>> apply these patches.
> 
> These were based on the git HEAD at the time of sending. From what I checked 
> just now, that should be still the case. I'm working on 
> git://git.savannah.gnu.org/wget.git.
> 
>> I would like to ask you if there is a regular scan of Wget that you have set 
>> up
>> on Coverity. We used to run coverity scans regularly, but since the last year
>> or so, I haven't managed to get the coverity binaries to execute on my 
>> system.
>> So the scans stopped. If you have a scheduled run, I would like to be able to
>> see the results on Coverity so that we can keep fixing those issues.
> 
> This is Red Hat's internal instance of Coverity combined with other static 
> analyzers. Nevertheless I can share the full results with you if needed. 
> Please let me know if I should send it to mailing list or to you directly.

Also a big "thank you" from my side !

If you think there is no obvious security issue involved, just send to
the ML. Otherwise to Darshit and me please.

> 
>> P.S.: It seems like you haven't assigned your copyrights to the FSF for Wget.
>> Do you happen to know if your employer has assigned the copyrights on your
>> behalf? I couldn't find any mentions in the list I have locally. You will
>> shortly receive the assignment form in a separate email.
> 
> My knowledge is that Red Hat has agreement with FSF covering all its 
> employees. Since I'm a Red Hat employee and I'm sending these changes as part 
> of my job, I consider this to be implied. I have contributed to wget in the 
> past with the same rationale.

Sorry, that was my fault/doubt (asked Darshit and then was offline on
the weekend). Just found the entry in the FSF list of contributors. My
first grep was -i for 'redhat' - it actually is written 'Red Hat'.

Regards, Tim

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-wget] [PATCH] Fixes for issues found by Coverity static analysis, Tomas Hozza, 2018/08/24
- Re: [Bug-wget] [PATCH] Fixes for issues found by Coverity static analysis, Darshit Shah, 2018/08/25
  - Re: [Bug-wget] [PATCH] Fixes for issues found by Coverity static analysis, Tomas Hozza, 2018/08/27
    - Re: [Bug-wget] [PATCH] Fixes for issues found by Coverity static analysis, Tim Rühsen <=

Prev by Date: Re: [Bug-wget] info wget: some improvement proposals on the documentation-content
Next by Date: [Bug-wget] Running wget with -O and -q in the background yields a file wget-log
Previous by thread: Re: [Bug-wget] [PATCH] Fixes for issues found by Coverity static analysis
Next by thread: [Bug-wget] info wget: some improvement proposals on the documentation-content
Index(es):
- Date
- Thread