No, Coverity did not catch Heartbleed.
http://security.coverity.com/blog/2014/Apr/on-detecting-heartbleed-with-static-analysis.html
On 16.04.2014, at 12:25, Tom Browder wrote:
Is OpenSSL participating in the Coverity free scanning program for
open source software? If not, it might have
[mailto:owner-openssl-us...@openssl.org]
On Behalf Of Stefan H. Holek
Sent: Friday, April 18, 2014 10:09 AM
To: openssl-users@openssl.org
Subject: Re: Coverity Scan: Would/DId It Catch the Heartbleed Defect?
No, Coverity did not catch Heartbleed.
http://security.coverity.com/blog/2014/Apr/on-detecting
On Fri, Apr 18, 2014 at 12:24 PM, Floodeenjr, Thomas
thomas_floodee...@mentor.com wrote:
Klocwork seems to have caught it:
Subject: Re: Coverity Scan: Would/DId It Catch the Heartbleed Defect?
On Fri, Apr 18, 2014 at 12:24 PM, Floodeenjr, Thomas
thomas_floodee...@mentor.com wrote:
Klocwork seems to have caught it:
http://www.klocwork.com/blog/software-security/saving-you-from-heartbl
eed/?mkt_tok
On Wed, 16 Apr 2014 05:25:58 -0500
Tom Browder tom.brow...@gmail.com wrote:
Is OpenSSL participating in the Coverity free scanning program for
open source software?
Don't know.
If not, it might have caught the Heartbleed
bug.
No.
http://blog.regehr.org/archives/1128
--
Hanno Böck
On Wed, Apr 16, 2014 at 5:38 AM, Hanno Böck ha...@hboeck.de wrote:
On Wed, 16 Apr 2014 05:25:58 -0500
Tom Browder tom.brow...@gmail.com wrote:
Is OpenSSL participating in the Coverity free scanning program for
open source software?
...
Thanks for the link, Hanno!
Regards,
-Tom