[Opendnssec-user] v1.4.6 static analysis results & discovered bugs
Rickard Bellgrim
rickard at opendnssec.org
Sun Oct 12 21:51:55 UTC 2014
On Tue, Sep 30, 2014 at 10:06 PM, Paul Wouters <paul at nohats.ca> wrote:
> On Tue, 30 Sep 2014, Petr Spacek wrote:
>
> Subject: [Opendnssec-user] v1.4.6 static analysis results & discovered
>> bugs
>>
>
> And here is the one for softhsm2:
>
> http://people.redhat.com/pwouters/softhsm-2.0.0b1-2.el7.html
>
> The strncpy() calls might be a little dangerous if other tools expect
> those strings to be null terminated.
Have now fixed most of the issues in:
https://github.com/opendnssec/SoftHSMv2/pull/92
Have not fixed:
* #def127 - A lot of the crypto code is not checking the return value when
finalizing the operation during error handling. Should we fix this?
* #def128 - See above.
* #def131 - The case should have a fall through.
// Rickard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20141012/359b4550/attachment.htm>
More information about the Opendnssec-user
mailing list