Henrique de Moraes Holschuh wrote:
Coverity has an *excellent* static analisys tool, and they do batch runs of
it over open-source software for free.
Cyrus-sasl is already on their list, but it is on rung 0. This means
nobody from the cyrus-sasl project has registered and accessed the bug
reports from the coverity scan for SASL.
CMU upstream, please rectify that ASAP, scan.coverity.com is quite good at
pointing out the sort of nasty error that stays hidden in the code for a
long time...
Also, please request that cyrus-imapd be added to the coverity scan list,
they are allowing an expansion of the number of covered projects, and cyrus
imap is quite important enough to feature on that list.
I sent an email as specified for Cyrus SASL last week, and I have yet to
receive a response. Once SASL is taken care of, I'll move to get Cyrus
IMAP added.
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
