[Opendnssec-user] SoftHSM devel list?

[Petr Spacek]

On 25.6.2014 20:00, Jakob Schlyter wrote:
> On 24 jun 2014, at 12:49, Petr Spacek <pspacek at redhat.com> wrote:
>
>> I'm looking for the right place to discuss SoftHSM development, SoftHSM feature/patch submission guidelines etc.
>>
>> Should I use opendnssec-user for this purpose?
>
> or opendnssec-develop. or, if you prefer, we could set up another list for SoftHSM only.
I have sent subscription request but it waits for moderator approval.

>> Is pull request on Github the preferred way to submit patches?
>
> yes. please remember to base all patches from the develop branch though.
>
>> Is it okay to send output from Coverity static analyzer here or to issues.opendnssec.org? Sometimes it points to security problems in the code and I would like to know what is your policy about this.
>
> Sure. If you feel that there are serious security issues, please contact Rickard or me directly for now.
I went quickly through defect report and it doesn't seem serious so I'm 
attaching the report to this e-mail.

- BUFFER_SIZE_WARNING seems like "strcpy vs. memcpy" problem.
- CHECKED_RETURN usually points to bugs in error handling.
- FORWARD_NULL could be also interesting.

Rest of the report is more about resource leaks and other "noise" but it could 
also point to some problems.

It was generated with:
- Coverity Static Analysis version 7.0.3
- running on Fedora 20 x86_64
- with few custom library models

Let me know if it is useful for you, I can send you the report from time to time.

I will move to opendnssec-devel list when my subscription is approved :-)

-- 
Petr Spacek  @  Red Hat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20140626/377f48a8/attachment.html>