[Opendnssec-user] v1.4.6 static analysis results & discovered bugs

Rickard Bellgrim rickard at opendnssec.org
Sun Oct 12 21:51:55 UTC 2014


On Tue, Sep 30, 2014 at 10:06 PM, Paul Wouters <paul at nohats.ca> wrote:

> On Tue, 30 Sep 2014, Petr Spacek wrote:
>
>  Subject: [Opendnssec-user] v1.4.6 static analysis results & discovered
>> bugs
>>
>
> And here is the one for softhsm2:
>
> http://people.redhat.com/pwouters/softhsm-2.0.0b1-2.el7.html
>
> The strncpy() calls might be a little dangerous if other tools expect
> those strings to be null terminated.


 Have now fixed most of the issues in:
https://github.com/opendnssec/SoftHSMv2/pull/92

Have not fixed:
* #def127 - A lot of the crypto code is not checking the return value when
finalizing the operation during error handling. Should we fix this?
* #def128 - See above.
* #def131 - The case should have a fall through.

// Rickard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20141012/359b4550/attachment.htm>


More information about the Opendnssec-user mailing list