Yes, I suppose it is easier to look for something, after you already know what to look for. ;)
-----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Jeffrey Walton Sent: Friday, April 18, 2014 11:16 AM To: OpenSSL Users List Subject: Re: Coverity Scan: Would/DId It Catch the Heartbleed Defect? On Fri, Apr 18, 2014 at 12:24 PM, Floodeenjr, Thomas <thomas_floodee...@mentor.com> wrote: > Klocwork seems to have caught it: > > http://www.klocwork.com/blog/software-security/saving-you-from-heartbl > eed/?mkt_tok=3RkMMJWWfF9wsRolva7JZKXonjHpfsX56%2B4tX6CwlMI%2F0ER3fOvrP > UfGjI4FTsZrI%2BSLDwEYGJlv6SgFSrbAMah1ybgNUxE%3D > It looks like it was caught with hand tuning; and not out of the box. If hand tuning is OK, then it looks like Coverity also caught it. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
