Re: [openssl-project] coverity defect release criteria (Fwd: New Defects reported by Coverity Scan for openssl/openssl)

2018-09-09 Thread Dr. Matthias St. Pierre
> > *** CID 1439137: Integer handling issues (NEGATIVE_RETURNS) > > work in progress... > > I think this one may be a false positive -- it's worried that EVP_MD_size() > will return -1, but we've essentially already validated that the md is > valid by the time we get there. I didn't do a

Re: [openssl-project] coverity defect release criteria (Fwd: New Defects reported by Coverity Scan for openssl/openssl)

2018-09-09 Thread Benjamin Kaduk
On Sun, Sep 09, 2018 at 10:38:50PM +, Dr. Matthias St. Pierre wrote: > preliminary status report: > > *** CID 1439138: Integer handling issues (NEGATIVE_RETURNS) > see https://github.com/openssl/openssl/pull/7156 > > *** CID 1439137: Integer handling issues (NEGATIVE_RETURNS)

Re: [openssl-project] coverity defect release criteria (Fwd: New Defects reported by Coverity Scan for openssl/openssl)

2018-09-09 Thread Matt Caswell
On 09/09/18 19:31, Dr. Matthias St. Pierre wrote: > I am currently occupied with other things, so I won't be able to look at it > before later this evening or tomorrow. > > I also had a quick look at CID 1423323 (see below) but I was unable to see > why 'pkey' would be a NULL pointer > when

Re: [openssl-project] coverity defect release criteria (Fwd: New Defects reported by Coverity Scan for openssl/openssl)

2018-09-09 Thread Dr. Matthias St. Pierre
preliminary status report: *** CID 1439138: Integer handling issues (NEGATIVE_RETURNS) see https://github.com/openssl/openssl/pull/7156 *** CID 1439137: Integer handling issues (NEGATIVE_RETURNS) work in progress... *** CID 1439136: Resource leaks

Re: [openssl-project] coverity defect release criteria (Fwd: New Defects reported by Coverity Scan for openssl/openssl)

2018-09-09 Thread Dr. Matthias St. Pierre
I am currently occupied with other things, so I won't be able to look at it before later this evening or tomorrow. I also had a quick look at CID 1423323 (see below) but I was unable to see why 'pkey' would be a NULL pointer when passed to 'EVP_PKEY_up_ref'. So I'm not sure yet whether this is

[openssl-project] coverity defect release criteria (Fwd: New Defects reported by Coverity Scan for openssl/openssl)

2018-09-09 Thread Benjamin Kaduk
I see that Matthias has opened pull requests for a couple of these already; are you planning to work through the rest of them as well? -Ben On Sun, Sep 09, 2018 at 09:28:12AM +, scan-ad...@coverity.com wrote: > Hi, > > Please find the latest report on new defect(s) introduced to

Re: [openssl-project] Please freeze the repo

2018-09-09 Thread Richard Levitte
In message <22962ad7-6232-dcd7-4ec4-11544360f...@openssl.org> on Sun, 9 Sep 2018 11:34:18 +0100, Matt Caswell said: > Please can someone freeze the repo: > > ssh openssl-...@git.openssl.org freeze openssl matt Done -- Richard Levitte levi...@openssl.org OpenSSL Project

Re: [openssl-project] Please freeze the repo

2018-09-09 Thread Tim Hudson
Done. Tim. On Sun, Sep 9, 2018 at 8:34 PM, Matt Caswell wrote: > Please can someone freeze the repo: > > ssh openssl-...@git.openssl.org freeze openssl matt > > > Thanks > > Matt > ___ > openssl-project mailing list > openssl-project@openssl.org >

[openssl-project] Please freeze the repo

2018-09-09 Thread Matt Caswell
Please can someone freeze the repo: ssh openssl-...@git.openssl.org freeze openssl matt Thanks Matt ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project