https://bugzilla.mindrot.org/show_bug.cgi?id=3167
Bug ID: 3167
Summary: Bugs found by static tests
Product: Portable OpenSSH
Version: 8.2p1
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: [email protected]
Reporter: [email protected]
Running the current version of openssh-portable through SonarQube
revealed a number of bugs.
While there are a lot of false positives or simply unimportant bugs, I
found several areas that seem like legitimate coding errors.
https://sonarcloud.io/project/issues?id=openssh-portable_allfeatures&open=AXIu_cwVij8m0Z5KWuok&resolved=false&types=BUG
https://sonarcloud.io/project/issues?id=openssh-portable_allfeatures&open=AXIu_cwVij8m0Z5KWuop&resolved=false&types=BUG
https://sonarcloud.io/project/issues?id=openssh-portable_allfeatures&open=AXIu_cwxij8m0Z5KWutU&resolved=false&types=BUG
https://sonarcloud.io/project/issues?id=openssh-portable_allfeatures&open=AXIu_c8Tij8m0Z5KWvbw&resolved=false&types=BUG
https://sonarcloud.io/project/issues?id=openssh-portable_allfeatures&open=AXIu_c2tij8m0Z5KWvEw&resolved=false&types=BUG
https://sonarcloud.io/project/issues?id=openssh-portable_allfeatures&open=AXIu_c21ij8m0Z5KWvE9&resolved=false&types=BUG
The complete report can be found here:
https://sonarcloud.io/project/issues?id=openssh-portable_allfeatures&open=AXIu_c21ij8m0Z5KWvE9&resolved=false&types=BUG
At a first glance I found also issues in the test cases:
https://sonarcloud.io/project/issues?id=openssh-portable-tests&open=AXIu8yLf_34BaxGawOJ2&resolved=false&tags=pitfall&types=BUG
https://sonarcloud.io/project/issues?id=openssh-portable-tests&open=AXIu8yLf_34BaxGawOKT&resolved=false&severities=CRITICAL&types=BUG
I have not gone through all of the reported bugs yet.
The use after free bugs probably need some closer look.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
