New Defects reported by Coverity Scan for ntpsec
Gary E. Miller
gem at rellim.com
Tue Feb 7 19:44:04 UTC 2023
Yo Hal!
On Mon, 06 Feb 2023 22:51:02 -0800
Hal Murray <halmurray at sonic.net> wrote:
> Thanks.
>
> > Do you have a coverity account?
> > https://scan.coverity.com/
> > Then go to "My Dashboard" and "Add project".
>
> Should we document that? Where?
The procedure changes more often than we add cverity users.
> It looks like Coverity is running over on github.
> Is our copy-to-github stuff documented?
Dunno how it works. It just does.
> I'm waiting for somebody to approve me.
Where? How would I see it?
> >> Date: Thu, 02 Feb 2023 05:48:37 +0000 (Wed 21:48 PST)
> > It was detected on Feb 5.
>
> So the turn around is days rather than hours.
Yeah.
> > So we tell Coverity to ignore the extra defaults.
>
> OK, I propose to turn on -Wswitch-enum and fix all the warnings I
> find. Then I/we fix whatever Coverity complains about. If that is
> too painful, we can back out of -Wswitch-enum.
Seems good to me.
> It may take a few iterations to make Coverity happy and we won't have
> great turn-around, but it's not on the critical path.
What coverity does is mostly run the code with high warning levels. So
if you bump up your warnings you'll see what they see.
There are so many Coverity warnings about ntpd to worry about theat
no one will notice a few more or less.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can't measure it, you can't improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20230207/4101d2c8/attachment.bin>
More information about the devel
mailing list