RSS feed

Re: A couple of issues found by the Coverity scanner fixed in SVN

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: A couple of issues found by the Coverity scanner fixed in SVN

On Mon, 2012-01-09 at 13:20 +0100, Jakub Hrozek wrote:
> we have recently scanned the source of nss-pam-ldapd 0.7.14 (yeah, I
> need to upgrade to .15) that we are using in Fedora with the Coverity
> Static Analysis tool.

Thanks. I performed some scans with flawfinder, rats and splint a few
years back and they turned a few things up but it's always good to
repeat this once in a while with different tools.

> The good news is that the scanner did not find any severe bugs. I think
> that is a nice testament to the overall code quality of nss-pam-ldapd.
> There is a couple of smaller issues, mostly error handling, error reporting
> or resource usage.
> So far, I have commited these fixes:

Thanks, very much appreciated.

> I only commited the patches to the "master" branch. Let me know if you'd
> like to have them present in other branches as well. I intend to
> backport the patches to 0.7.15 and include them in Fedora, too.

I'm preparing an update for 0.7 but I'm trying to keep the same version
in the current Debian stable release. For this I'm communicating with
the Debian release team but I think they are a bit busy at the moment.

There is a nss-pam-ldapd-0.7 branch (I have a bit weird svn repository
layout, I know) that holds some things that should be in the next
release. I'm also considering your strtouid/strtogid changes for that


-- arthur - - --
To unsubscribe send an email to or see