Re: OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + ho
Erik Cederstrand wrote this message on Wed, Apr 23, 2014 at 12:06 +0200:
> Den 23/04/2014 kl. 03.12 skrev Ronald F. Guilmette <rfg@tristatelogic.com>:
> >
> > In message <20140423010054.2891E143D098@rock.dv.isc.org>,
> > Mark Andrews <marka@isc.org> wrote:
> >
> >> As for the number of CLANG analysis warnings. Clang has false
> >> positives
> >
> > Please define your terms.
> >
> > I do imagine that the truth or falsehood of your assertion may depend
> > quite substantally on what one does or does not consider a "false
> > positive" in this context.
>
> Have a look at the ~10.000 reports at http://scan.freebsd.your.org/freebsd-head/ (unavailable ATM). Silly things are reported like missing return at the end of main()
Considering that this is legal C99, it is very silly, from 5.1.2.2.3 of
the C99 spec:
reaching the } that terminates the main function returns a value of 0.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 9 之 49 篇):