On Mon, Sep 10, 2018 at 8:44 AM, Matt Caswell wrote:
> As far as the release criteria go we only count the ones shown in the
> Coverity tool. That's not to say we shouldn't fix issues in the tests as
> well (and actually I'd suggest we stop filtering out problems in the
> tests if anyone knows
On Sun, Sep 09, 2018 at 11:44:33PM +0100, Matt Caswell wrote:
>
> As far as the release criteria go we only count the ones shown in the
> Coverity tool. That's not to say we shouldn't fix issues in the tests as
> well (and actually I'd suggest we stop filtering out problems in the
> tests if
> > *** CID 1439137: Integer handling issues (NEGATIVE_RETURNS)
> > work in progress...
>
> I think this one may be a false positive -- it's worried that EVP_MD_size()
> will return -1, but we've essentially already validated that the md is
> valid by the time we get there. I didn't do a
liche Nachricht-
> > Von: openssl-project Im Auftrag von
> > Benjamin Kaduk
> > Gesendet: Sonntag, 9. September 2018 18:04
> > An: openssl-project@openssl.org
> > Betreff: [openssl-project] coverity defect release criteria (Fwd: New
> > Defects reported by C
ptember 2018 18:04
> An: openssl-project@openssl.org
> Betreff: [openssl-project] coverity defect release criteria (Fwd: New Defects
> reported by Coverity Scan for openssl/openssl)
>
> I see that Matthias has opened pull requests for a couple of these already;
> are you pla
this is a false
positive.
Matthias
> -Ursprüngliche Nachricht-
> Von: openssl-project Im Auftrag von
> Benjamin Kaduk
> Gesendet: Sonntag, 9. September 2018 18:04
> An: openssl-project@openssl.org
> Betreff: [openssl-project] coverity defect release criteria (Fwd: New D