Ethereal

Re: [Ethereal-dev] Re: [Ethereal-cvs] rev 17504: /trunk/gtk/: main.c
Google
 
Web Ethereal.com

Home | Introduction | Documentation | Lists | FAQ | Development | Wiki | Bugs

Main Index | Thread Index | Mailing Lists | | Date Prev | Date Next | Thread Prev | Thread Next

Ethereal-dev: March 2006

 

That is, the alleged defect that Coverity found is not really a defect.

Basically, we're trading resources. The Coverity tool has discovered
some problem spots in our source code, but there's plenty of false
positives. So in return for the true positives, we supply Coverity
with our man-hours to find the false positives --- essentially
debugging the Coverity tool itself.

It's a good tradeoff if the true positives found by Coverity are
severe enough to be security bugs in Ethereal.

--gilbert

On 3/7/06, Ulf Lamping <ulf.lamping@xxxxxx> wrote:
> Gerald Combs wrote:
> > Coverity's software is nice in that it gives you ways to mark a defect
> > is invalid.  Quite a few entries in Ethereal's defect list have been
> > marked thusly.
> >
> >
> "a defect is invalid"?!?
>
> I still just don't get the point ...
>
> Regards, ULFL
>
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>
>

Powered by MHonArc 2.6.10

Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal support questions), please send email to ethereal-web[AT]ethereal.com.
Last modified: Fri, November 10 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.