Sun Jul 1 19:00:40 EEST 2018

Coverity scan of qmail -- 53 potential defects (with false positives)


Coverity is a commercial static source code analyzer that accepts some
open source projects for free.

Did a scan of djb's qmail; the results are at:

https://scan.coverity.com/projects/qmail


The tool gave only 53 defects. A quick scan suggests that the non-false
positives are logically dead code or file race conditions (might be wrong about this).

To access the defects, you will need a Coverity account (free,
captchas).

djb is giving a monetary bounty for qmail, owing me a bounty he couldn't
reproduce because of lack of virtual memory on old FreeBSD ;)


Posted by djb owes me a bounty