[Git][NTPsec/ntpsec][master] Coverity -- another try.

Hal Murray halmurray at sonic.net
Thu Jan 23 22:25:53 UTC 2025


[Another exchange that got droped from @devel]

Gary said:
> I'm not a fan of suppressing warnings.  Especially one I agree with.

Right.  But I don't agree with this one and I consider your suggested fix 
to be too ugly.  It's doubling the size of the relevant code block and 
makes it harder to understand what's going on.



We currently have 28 places that squish Coverity warnings.

Several are reminding us that random() isn't good enough for crypto.  We 
could get rid of n-1 of them by calling a subroutine.

It would be neat to double check them and see how many are still needed 
and/or update the comment with a Coverity number.  I don't know my way 
around Coverity and/or gitlab very well.  Can somebody give me a quick 
lesson.  How do I clone our code, make my changes, then get Coverity to 
run on my new code?



-- 
These are my opinions.  I hate spam.





More information about the devel mailing list