No, Coverity did not catch Heartbleed. http://security.coverity.com/blog/2014/Apr/on-detecting-heartbleed-with-static-analysis.html
On 16.04.2014, at 12:25, Tom Browder wrote: > Is OpenSSL participating in the Coverity free scanning program for > open source software? If not, it might have caught the Heartbleed > bug. If so, why did it miss it? > > See this link for the latest report on open source statistics: > > http://softwareintegrity.coverity.com/register-for-scan-report-2013.html > > Kind regards, > > -Tom -- Stefan H. Holek ste...@epy.co.at ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org