[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Source Code Static Analisys



I send you a new Security Report.

Regards,
U


2013/4/27 Nick Mathewson <nickm@xxxxxxxxxxxx>
On Sat, Apr 27, 2013 at 7:16 PM, Ulises CuÃÃ <ulises2k@xxxxxxxxx> wrote:
> I want colaborate with Tor project.
>
> I send a document of analys source code about the lasted version

Well, looks like I'm spending my evening combing through this thing
looking for true-positives. ÂIf you find any that aren't
false-positives --- particularly security-relevant ones --- please
send me a gpg-encrypted mail or something. ÂSending them to the
mailing list like this isn't so great.

(Does the Fortify license actually let you do this? I thought most
tools like this were a little picky about what code you could run them
on, and what you could do with the results.)

best wishes,
--
Nick
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Attachment: tor-0.2.3.25_-_Fortify_Security_Report.pdf
Description: Adobe PDF document

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev