Fwd: New Defects reported by Coverity Scan for ntpsec
Eric S. Raymond
esr at thyrsus.com
Mon Jun 27 04:30:22 UTC 2016
Mark Atwood <fallenpegasus at gmail.com>:
> ** CID 149750: Uninitialized variables (UNINIT)
> /ntpd/ntp_intercept.c: 855 in intercept_replay()
Known. Not fixed because that code isn't in the new TESTFRAME branch;
it''s going to go away.
> ** CID 149749: (UNINIT)
> /ntpq/ntpq-subs.c: 1751 in doprintpeers()
> /ntpq/ntpq-subs.c: 1794 in doprintpeers()
> ** CID 149748: Null pointer dereferences (NULL_RETURNS)
> /ntpd/refclock_jjy.c: 2374 in jjy_receive_seiko_tsys_tdc_300()
I repaired these last night in a commit commented 'Fix glitches detected by
Coverity." And I'd think that was the end of it, except for GitLab
Issue #86: "latest ntpq segfaults", which suggests that Dave Morgan's
repo still has one of the ntpq-subs bugs in it.
I'm a little puzzled. Is everybody properly synced up? Mark, have you
got 'Fix glitches detected by Coverity.' in your history? Where and when
was this scan taken?
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
More information about the devel