Hi Darshit. On 25.08.2018 08:20, Darshit Shah wrote: > Hi Tomas, > > Thanks for running the scan and the patches you've made! I briefly glanced > through those and they seem fine. Of course, they will need to be slightly > modified to apply to the current git HEAD. I can do that in the coming days > and > apply these patches.
These were based on the git HEAD at the time of sending. From what I checked just now, that should be still the case. I'm working on git://git.savannah.gnu.org/wget.git. > I would like to ask you if there is a regular scan of Wget that you have set > up > on Coverity. We used to run coverity scans regularly, but since the last year > or so, I haven't managed to get the coverity binaries to execute on my system. > So the scans stopped. If you have a scheduled run, I would like to be able to > see the results on Coverity so that we can keep fixing those issues. This is Red Hat's internal instance of Coverity combined with other static analyzers. Nevertheless I can share the full results with you if needed. Please let me know if I should send it to mailing list or to you directly. > P.S.: It seems like you haven't assigned your copyrights to the FSF for Wget. > Do you happen to know if your employer has assigned the copyrights on your > behalf? I couldn't find any mentions in the list I have locally. You will > shortly receive the assignment form in a separate email. My knowledge is that Red Hat has agreement with FSF covering all its employees. Since I'm a Red Hat employee and I'm sending these changes as part of my job, I consider this to be implied. I have contributed to wget in the past with the same rationale. Regards, Tomas > > * Tomas Hozza <tho...@redhat.com> [180825 02:21]: >> Hi. >> >> We scanned the latest version of wget (1.19.5) with Coverity static >> analyzer. It found some potentially important issues like RESOURCE LEAKS. >> I'm attaching my proposed fixes for these issues. Each commit includes the >> output from Coverity and the outcome of my analysis of the problem from >> sources. >> >> Regards, >> Tomas >> -- >> Tomas Hozza >> Associate Manager, Software Engineering - EMEA ENG Core Services >> >> PGP: 1D9F3C2D >> UTC+1 (CET) >> Red Hat Inc. http://cz.redhat.com > > -- Tomas Hozza Associate Manager, Software Engineering - EMEA ENG Core Services PGP: 1D9F3C2D UTC+1 (CET) Red Hat Inc. http://cz.redhat.com