On Fri, 1 Feb 2013, syrine tlili wrote: > Hi: > I would like to report a set of errors found in the source tree of > Linux version 3.0.52 using a static analysis tool for vulnerability > detection that I'm developing based on GCC.
Cool. New useful tools are always nice. Where can I download it/look at its source code? > I have performed the security analysis on the whole linux 3.0.52 > distribution and my tool detected 18 errors related to the use of > unchecked potential null pointers. May I suggest that you run your tool against a more recent code-base, such as the lastest stable kernel (atm 3.7.6) or the latest 3.8-rc kernel (currently 3.8-rc6) or a daily snapshor of Linus' kernel. That may gain you more feedback from people. > Some of these errors are also present in recent kernel versions such > as version 3.6.4 > Details on the detected errors are listed below. > I'm looking forward to getting your feedback on the reported errors. > [...] I'd suggest, that a more useful way of getting feedback would be to run the tool against a more recent (relevant) kernel source and then submit actual patches attempting to *fix* the problems you find. That would be more likely to get peoples attention - and would also potentially result in some nice fixes being merged. -- Jesper Juhl <j...@chaosbits.net> http://www.chaosbits.net/ Don't top-post http://www.catb.org/jargon/html/T/top-post.html Plain text mails only, please. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
