On Sun, Apr 13, 2014 at 12:21:14PM +0200, Julien Nabet via RT wrote: > Hello, > > I runned cppcheck (a static analyzer) on openssl master sources > (cppcheck and openssl git updated today). > Even if cppcheck is mainly for C++ and reports false positives > sometimes, I found some reports which might be relevant. > > Here are some examples:
There are lots of static analyze tools like coverity and clang's scan-build. A bug report with all the issues it finds doesn't seem to be useful to me since we can actually run those too. It would be nice if someone can provide patches for some of those issues. Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
