No, Coverity did not catch Heartbleed.
http://security.coverity.com/blog/2014/Apr/on-detecting-heartbleed-with-static-analysis.html
On 16.04.2014, at 12:25, Tom Browder wrote:
Is OpenSSL participating in the Coverity free scanning program for
open source software? If not, it might have
[mailto:owner-openssl-us...@openssl.org]
On Behalf Of Stefan H. Holek
Sent: Friday, April 18, 2014 10:09 AM
To: openssl-users@openssl.org
Subject: Re: Coverity Scan: Would/DId It Catch the Heartbleed Defect?
No, Coverity did not catch Heartbleed.
http://security.coverity.com/blog/2014/Apr/on-detecting
On Fri, Apr 18, 2014 at 12:24 PM, Floodeenjr, Thomas
thomas_floodee...@mentor.com wrote:
Klocwork seems to have caught it:
Subject: Re: Coverity Scan: Would/DId It Catch the Heartbleed Defect?
On Fri, Apr 18, 2014 at 12:24 PM, Floodeenjr, Thomas
thomas_floodee...@mentor.com wrote:
Klocwork seems to have caught it:
http://www.klocwork.com/blog/software-security/saving-you-from-heartbl
eed/?mkt_tok
Is OpenSSL participating in the Coverity free scanning program for
open source software? If not, it might have caught the Heartbleed
bug. If so, why did it miss it?
See this link for the latest report on open source statistics:
On Wed, 16 Apr 2014 05:25:58 -0500
Tom Browder tom.brow...@gmail.com wrote:
Is OpenSSL participating in the Coverity free scanning program for
open source software?
Don't know.
If not, it might have caught the Heartbleed
bug.
No.
http://blog.regehr.org/archives/1128
--
Hanno Böck
On Wed, Apr 16, 2014 at 5:38 AM, Hanno Böck ha...@hboeck.de wrote:
On Wed, 16 Apr 2014 05:25:58 -0500
Tom Browder tom.brow...@gmail.com wrote:
Is OpenSSL participating in the Coverity free scanning program for
open source software?
...
Thanks for the link, Hanno!
Regards,
-Tom