[Freeswitch-users] Checking FreeSwitch source code
mike at jerris.com
Wed Oct 14 01:55:40 MSD 2015
Yes, they notified us a few days ago about it, and we are talking to them about getting access to the software so we can see how well it can help us. Good news at least is it doesn't appear to have found any security issues, but it did find a number of typos, mostly in error cases that are not hit very often. We will be fixing these issues shortly once we have access to the full report so we can review it all properly. As it happens, we do have ongoing work with a number of similar scanners that we use to help improve overall code quality. These tools all seem to have different strengths and weaknesses when it comes to what they can find and what their false positive rate is. This tool is somewhat interesting in that it is the only windows based tool we have had scan this code other than the built in microsoft code analysis functions, so it appears to have found a number of small windows specific issues we have not seen from other tools.
> On Oct 13, 2015, at 5:15 PM, Igor Olhovskiy <igorolhovskiy at gmail.com> wrote:
> I don't know, if developers and maintainers noticed this: http://www.viva64.com/en/b/0351/ <http://www.viva64.com/en/b/0351/>
> Might be helpful )
> Best regards,
-------------- next part --------------
An HTML attachment was scrubbed...
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users