Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Bugs
[Bug 3452] Potential Software vulnerabilities detected using ESBMC-WR tool
bugzilla-daemon at mindrot
Jun 26, 2022, 4:31 PM
Post #1 of 1 (107 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=3452

Damien Miller <djm@mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |INVALID
CC| |djm@mindrot.org

--- Comment #1 from Damien Miller <djm@mindrot.org> ---
Most of these are completely obvious false positives. E.g.

> State 6 file sshkey.c line 1081 function fingerprint_bubblebabble thread 0
> ----------------------------------------------------
> Violated property:
> file sshkey.c line 1081 function fingerprint_bubblebabble
> dereference failure: array bounds violated

The array is allocated to be sufficiently sized literally in the
previous line.

Please forgive my bluntness, but low quality reports like this do
nothing but waste our time - there is no discernable signal among the
noise.

Please do not submit more unless they have been assessed by a human.

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal