Static code analyse of the libical library
Milan Crha
mcrha at redhat.com
Mon Jun 6 01:06:44 PDT 2016
On Sat, 2016-06-04 at 12:21 -0400, Allen Winter wrote:
> I just ran Coverity on the glib branch.
> You can see the results here -> https://scan.coverity.com/projects/libical-libical/view_defects
Hi,
I ran the scan on the glib branch at commit
13b48609e38bdadfdb9c5657b32a4fea0c46eb91 with the patch from [1]
applied and the result can be found here [2] (I'm sorry, I do not have
a publicly accessible address for those results, thus I copied it
elsewhere). You can see at the bottom of [2] what tools were run on it
and in which versions. The summary of the detected issues and
suggestions [3] is slightly longer than the single Coverity Scan; it
counts down to defect #238. On the other hand, as I mentioned earlier,
there can be false positives.
Bye,
Milan
[1] http://lists.infradead.org/pipermail/libical-devel/2016-June/000710.html
[2] https://people.gnome.org/~mcrha/libical/glib-branch-20160606.html
[3] Summary of the detected issues and suggestions:
1 ARRAY_VS_SINGLETON
2 CHAR_IO
4 CHECKED_RETURN
61 CLANG_WARNING
9 CPPCHECK_WARNING
6 DC.WEAK_CRYPTO
4 DEADCODE
13 FORWARD_NULL
1 IDENTIFIER_TYPO
1 MISSING_BREAK
1 NEGATIVE_RETURNS
4 NULL_RETURNS
3 OVERRUN
19 PASS_BY_VALUE
88 RESOURCE_LEAK
6 REVERSE_INULL
7 TAINTED_SCALAR
1 TOCTOU
4 UNINIT
3 USE_AFTER_FREE