[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Source Code Static Analisys



On Sat, Apr 27, 2013 at 7:16 PM, Ulises Cuñé <ulises2k@xxxxxxxxx> wrote:
> I want colaborate with Tor project.
>
> I send a document of analys source code about the lasted version

Well, looks like I'm spending my evening combing through this thing
looking for true-positives.  If you find any that aren't
false-positives --- particularly security-relevant ones --- please
send me a gpg-encrypted mail or something.  Sending them to the
mailing list like this isn't so great.

(Does the Fortify license actually let you do this? I thought most
tools like this were a little picky about what code you could run them
on, and what you could do with the results.)

best wishes,
-- 
Nick
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev