On Fri, 1 Feb 2013, syrine tlili wrote:

> Hi:
> I would like to report a set of errors found in the source tree of
> Linux version 3.0.52 using a static analysis tool for vulnerability
> detection that I'm developing  based on GCC.

Cool. New useful tools are always nice. Where can I download it/look at 
its source code?


> I have performed the security analysis on the whole linux 3.0.52
> distribution and my tool detected 18 errors related to the use of
> unchecked potential  null pointers.

May I suggest that you run your tool against a more recent code-base, such 
as the lastest stable kernel (atm 3.7.6) or the latest 3.8-rc kernel 
(currently 3.8-rc6) or a daily snapshor of Linus' kernel.
That may gain you more feedback from people.


> Some of these errors are also present in recent kernel versions such
> as version 3.6.4
> Details on the detected errors are listed below.
> I'm looking forward to getting your feedback on the reported errors.
> 
[...]

I'd suggest, that a more useful way of getting feedback would be to run 
the tool against a more recent (relevant) kernel source and then submit 
actual patches attempting to *fix* the problems you find. That would be 
more likely to get peoples attention - and would also potentially result 
in some nice fixes being merged.

-- 
Jesper Juhl <j...@chaosbits.net>       http://www.chaosbits.net/
Don't top-post http://www.catb.org/jargon/html/T/top-post.html
Plain text mails only, please.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to