Fwd: New Defects reported by Coverity Scan for ntpsec

Eric S. Raymond esr at thyrsus.com
Mon Jun 27 04:30:22 UTC 2016

Mark Atwood <fallenpegasus at gmail.com>:
> ** CID 149750:  Uninitialized variables  (UNINIT)
> /ntpd/ntp_intercept.c: 855 in intercept_replay()

Known.  Not fixed because that code isn't in the new TESTFRAME branch;
it''s going to go away.

> ** CID 149749:    (UNINIT)
> /ntpq/ntpq-subs.c: 1751 in doprintpeers()
> /ntpq/ntpq-subs.c: 1794 in doprintpeers()

> ** CID 149748:  Null pointer dereferences  (NULL_RETURNS)
> /ntpd/refclock_jjy.c: 2374 in jjy_receive_seiko_tsys_tdc_300()

I repaired these last night in a commit commented 'Fix glitches detected by
Coverity."  And I'd think that was the end of it, except for GitLab 
Issue #86: "latest ntpq segfaults", which suggests that Dave Morgan's
repo still has one of the ntpq-subs bugs in it.

I'm a little puzzled.  Is everybody properly synced up?  Mark, have you
got 'Fix glitches detected by Coverity.' in your history? Where and when
was this scan taken?
		<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>

More information about the devel mailing list