Coverity Open Source Defect Scan of Samba

Stefan (metze) Metzmacher metze at
Mon Mar 6 09:15:59 GMT 2006

Hash: SHA1

Jeremy Allison schrieb:
> On Sun, Mar 05, 2006 at 09:35:56PM -0800, Ben Chelf wrote:
>> Hello Samba Developers,
>>   I'm the CTO of Coverity, Inc., a company that does static source code 
>> analysis to look for defects in code. You may have heard of us or of our 
>> technology from its days at Stanford (the "Stanford Checker"). The 
>> reason I'm writing is because we have set up a framework internally to 
>> continually scan open source projects and provide the results of our 
>> analysis back to the developers of those projects. Samba is one of the 
>> 32 projects currently scanned at:
>> see the latest results.
>>   Right now, we're guarding access to the actual defects that we report 
>> for a couple of reasons: (1) We think that you, as developers of Samba, 
>> should have the chance to look at the defects we find to patch them 
>> before random other folks get to see what we found and (2) From a 
>> support perspective, we want to make sure that we have the appropriate 
>> time to engage with those who want to use the results to fix the code. 
>> Because of this second point, I'd ask that if you are interested in 
>> really digging into the results a bit further for your project, please 
>> have a couple of core maintainers (or group nominated individuals) reach 
>> out to me to request access. As this is a new process for us and still 
>> involves a small number of packages, I want to make sure that I 
>> personally can be involved with the activity that is generated from this 
>> effort.

Hi Ben,

I'm also very interested in having access to the results.

would it be possible to run this tests against the SAMBA_3_0 and SAMBA_4_0 branch?

- --

Stefan Metzmacher <metze at>
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Mozilla -


More information about the samba-technical mailing list