This is like reading a book, not understanding some words and then complaining to the author to fix their spelling. Please don't rely on SAST analysis without understanding the code. I would expect the vast majority of these are false positives - provide evidence that these are real bugs if you want them to be taken seriously.
On Thu, 7 Dec 2023 at 02:35, BILL <bill0...@gmail.com> wrote: > Hi, > > We have a coverity testing on nginx 1.20.0 and we got some errors. > Have any plan to resolve these errors? > > > Checker Number > ARRAY_VS_SINGLETON 3 > BAD_FREE 3 > BUFFER_SIZE 1 > CHECKED_RETURN 10 > COPY_PASTE_ERROR 1 > DC.WEAK_CRYPTO 18 > DEADCODE 8 > FORWARD_NULL 49 > MISSING_RESTORE 1 > NO_EFFECT 8 > NULL_RETURNS 8 > OVERRUN 12 > PW.INCLUDE_RECURSION 8 > RESOURCE_LEAK 5 > REVERSE_INULL 5 > SIGN_EXTENSION 1 > SIZEOF_MISMATCH 8 > STACK_USE 1 > STRING_NULL 1 > TAINTED_SCALAR 1 > TOCTOU 12 > UNINIT 10 > UNREACHABLE 63 > UNUSED_VALUE 4 > USE_AFTER_FREE 1 > Total 242 > _______________________________________________ > nginx mailing list > nginx@nginx.org > https://mailman.nginx.org/mailman/listinfo/nginx >
_______________________________________________ nginx mailing list nginx@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx
