[Freeswitch-dev] Static analysis tool Cppcheck discovered many errors in FreeSWITCH code
vmancic at ooma.com
Tue Aug 30 21:19:23 MSD 2016
And how to get the latest master branch?
Od: freeswitch-dev-bounces at lists.freeswitch.org [freeswitch-dev-bounces at lists.freeswitch.org] u ime korisnika Michael Jerris [mike at jerris.com]
Poslato: 30. avgust 2016 16:05
Za: freeswitch-dev at lists.freeswitch.org
Tema: Re: [Freeswitch-dev] Static analysis tool Cppcheck discovered many errors in FreeSWITCH code
The correct way to do this would be to run this on the latest master branch of freeswitch and file and potential issues as security issues in Jira. Yes, many hundreds of issues have been fixed since 1.4 (1.4 is now eol) and we make use of static analysis tools. Static analysis tools in general have very high false positive rate, we do our best to address issues found with them, but they require much more than running a tool and getting a report. Every single one of those reports needs to be investigated, confirmed if its actually valid (typically 80%+ are not), reported.
On Aug 30, 2016, at 9:07 AM, Vladimir Mancic <vmancic at ooma.com<mailto:vmancic at ooma.com>> wrote:
Static analysis tool Cppcheck discovered many errors in FreeSWITCH v1.4 code (memory leaks, resource leaks, double frees,...):
- memleak (76 occurances)
- memleakOnRealloc (12 occurances)
- resourceLeak (21 occurances)
- doubleFree (more than 100 occurances)
Is this known to the FreeSWITCH community, and has there been any work on it in more recent versions of FreeSWITCH?
Professional FreeSWITCH Consulting Services:
consulting at freeswitch.org<mailto:consulting at freeswitch.org>
Official FreeSWITCH Sites
FreeSWITCH-dev mailing list
FreeSWITCH-dev at lists.freeswitch.org<mailto:FreeSWITCH-dev at lists.freeswitch.org>
-------------- next part --------------
An HTML attachment was scrubbed...
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-dev