[Bug 3452] Potential Software vulnerabilities detected using ESBMC-WR tool
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Mon Jun 27 09:31:51 AEST 2022
https://bugzilla.mindrot.org/show_bug.cgi?id=3452
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |INVALID
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Most of these are completely obvious false positives. E.g.
> State 6 file sshkey.c line 1081 function fingerprint_bubblebabble thread 0
> ----------------------------------------------------
> Violated property:
> file sshkey.c line 1081 function fingerprint_bubblebabble
> dereference failure: array bounds violated
The array is allocated to be sufficiently sized literally in the
previous line.
Please forgive my bluntness, but low quality reports like this do
nothing but waste our time - there is no discernable signal among the
noise.
Please do not submit more unless they have been assessed by a human.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list