Re: OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + ho
In message <D18165F1-0213-4A1F-96F4-6E0F6F735C69@cederstrand.dk>,
Erik Cederstrand <erik@cederstrand.dk> wrote:
>As others have pointed out, 'too hard' can also mean 'too hard' to get
>someone with commit access to actually commit the patch and accept the
>risk of introducing new bugs. Case in point: I contributed this
>one-liner patch for ZFS found by Clang Analyzer, adding the __noreturn__
>pragma you also mention: https://www.illumos.org/issues/3363. For 1,5
>years, I have been unable to get anyone from FreeBSD or Illumos to
>commit it or even review it.
Ah! OK. That is a different sort of problem entirely, and one for which
I personally have no suggestion, nor any ready answer.
Regards,
rfg
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 24 之 49 篇):