[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Libcdio-devel] [PATCH] buffer overflow and fixes from static analys
|
From: |
Rocky Bernstein |
|
Subject: |
Re: [Libcdio-devel] [PATCH] buffer overflow and fixes from static analysis |
|
Date: |
Mon, 30 May 2011 15:27:03 -0400 |
The patches you attached have been applied with some changes.
Some changes were needed because you patched against the last release
version rather than the current git sources.
One change to lib/driver/gnu_linux.c was:
+ if ( mnt_dev && mnt_dev ) {
which is weird to test against the same thing. I assume you meant:
+ if ( mnt_type && mnt_dev ) {
?
I don't have the Coverty static analysis tool. So please check over the
current git sources to see if brings up any problems that might have been
introduced since 0.82 or in my applying the patches with changes.
On Mon, May 30, 2011 at 5:58 AM, Honza Horak <address@hidden> wrote:
> On 05/19/2011 03:38 PM, Honza Horak wrote:
>
>> ...
>>
> >
>
>> The second patch (libcdio-0.82-staticanal.patch) was prepared on the
>> basis of a static analysis by Coverity tool. I've then checked the
>> mistakes and proposed fixes for them. There are mostly resource leaks,
>> return value checking, missing breaks etc.
>>
>> If you won't found any issue concerning the fixes, please, apply the
>> patches to make libcdio a bit better.
>>
>
> I've found out that some issues can be handled in a better way. The
> attached patch can be applied instead of the previous one.
> Cheers
>
> Honza
> <javascript:void(0);>
>