[PATCH] mbedtls: fix defects in coverity scan
Tom Rini
trini at konsulko.com
Sat Oct 19 16:16:46 CEST 2024
On Sat, Oct 19, 2024 at 10:37:38AM +0100, Peter Robinson wrote:
> On Thu, 17 Oct 2024 at 00:49, Raymond Mao <raymond.mao at linaro.org> wrote:
> >
> > Fixes of unreleased buffer, deadcode and wrong variable type detected
> > by coverity scan.
> >
> > Addresses-Coverity-ID: 510809: Resource leaks (RESOURCE_LEAK)
> > Addresses-Coverity-ID: 510806: Control flow issues (DEADCODE)
> > Addresses-Coverity-ID: 510794 Control flow issues (NO_EFFECT)
>
> I think it makes sense to reference upstream commits/PRs for these
> sort of things moving forward, Tom maybe we need a policy around the
> third party libraries now we have a few more.
We should have a policy about what to do with issues found in external
libraries (Raymond is going to work with upstream) which is likely just
formally saying we'll report issues when found and depending on severity
cherry-pick the fixes once resolved. But these are issues in our glue
code, rather than upstream.
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20241019/498d33dc/attachment.sig>
More information about the U-Boot
mailing list