[Git][NTPsec/ntpsec][master] Coverity -- another try.
Hal Murray
halmurray at sonic.net
Thu Jan 23 22:25:53 UTC 2025
[Another exchange that got droped from @devel]
Gary said:
> I'm not a fan of suppressing warnings. Especially one I agree with.
Right. But I don't agree with this one and I consider your suggested fix
to be too ugly. It's doubling the size of the relevant code block and
makes it harder to understand what's going on.
We currently have 28 places that squish Coverity warnings.
Several are reminding us that random() isn't good enough for crypto. We
could get rid of n-1 of them by calling a subroutine.
It would be neat to double check them and see how many are still needed
and/or update the comment with a Coverity number. I don't know my way
around Coverity and/or gitlab very well. Can somebody give me a quick
lesson. How do I clone our code, make my changes, then get Coverity to
run on my new code?
--
These are my opinions. I hate spam.
More information about the devel
mailing list