Re: Findings by static analyzers in Fedora 42 Critical Path Packages

Just out of curiosity, in the fclose(..) case, my original thought was that the exit(1) call would close the file descriptor. Is it still necessary because of a possibility of some atexit hanging the process and holding the fd longer than expected, hence the possible resource leak? Or is it because of something else?

Thank you,
Carlos R.F.

On 11/14/24 10:14 PM, Carlos Rodriguez-Fernandez wrote:
Thanks for sharing the report. I looked into the libcap ones and they all appear to be false positives, but I can see why gcc struggles to figure it out. I forwarded them to the upstream developer for confirmation.

Thank you,
Carlos R.F.

On 11/14/24 12:47 AM, Siteshwar Vashisht wrote:
Hello,

I am writing this message to get feedback from the community on new
findings by static analyzers in Critical Path Packages that have
changed in Fedora 42.

TLDR: This report[1] contains 37330 findings. Please review the report
and provide feedback.

A mass scan was performed this week on the packages that have changed
in Fedora 42. This report[1] contains all the new findings that have
been identified in the packages listed in Critical Path Packages.
Newly added findings since Fedora 41 are listed under ‘+’ column.
Please review the report and fix or report any findings upstream that
may be real bugs. Not all findings reported by OpenScanHub may be
actual bugs, so please verify reported findings before investing time
into fixing or reporting them. We hope this is helpful for the
packages you maintain and for the upstream projects. Questions can be
asked on the OpenScanHub mailing list[2]. If you want to see the full
logs of the scans, they are available on the tasks[3] page. User
documentation for performing a scan is available on the Fedora
wiki[4].

Constructive feedback is appreciated. Thank you!

[1] https://svashisht.fedorapeople.org/openscanhub/mass-scans/f42-13-Nov-2024/
[2] https://lists.fedoraproject.org/archives/list/openscanhub@xxxxxxxxxxxxxxxxxxxxxxx/
[3] https://openscanhub.fedoraproject.org/task/
[4] https://fedoraproject.org/wiki/OpenScanHub


