[ntp:commitlogs] incoming pull in whimsy.udel.edu:/deacon/backroom/ntp-dev

Harlan Stenn stenn at whimsy.udel.edu
Sat Aug 8 20:30:53 UTC 2009


VAR       CLIENT              SERVER              
===       ======              ======              
USER      stenn               stenn               
HOST      whimsy.udel.edu     pogo.udel.edu       
ROOT      /deacon/backroom/ntp-dev/pogo/users/hart/ntp-dev-1279
LEVEL     1                   1                   
TIME_T    1223742767          1238418126          
UTC       20081011163247      20090330130206      
VERSION   bk-4.2              bk-4.3.1            

stenn at whimsy.udel.edu fired the post-incoming--010commitlogs trigger in /deacon/backroom/ntp-dev
    Received the following changesets
    
    ChangeSet at 1.1944, 2009-08-08 17:30:14+00:00, davehart at shiny.ad.hartbrothers.com +21 -0
      First pass at quieting Veracode static analysis warnings,
        mostly buffer manipulation that is already safe but used
        unsafe interface functions such as strcpy() and sprintf().
      use emalloc(), estrdup() where appropriate.
    
      libntp/msyslog.c at 1.23, 2009-08-08 17:30:11+00:00, davehart at shiny.ad.hartbrothers.com +7 -6
        use memcpy instead of strcpy to quiet Veracode analysis warning
    
      libntp/ntp_rfc2553.c at 1.39, 2009-08-08 17:30:11+00:00, davehart at shiny.ad.hartbrothers.com +2 -6
        use estrdup() instead of malloc() then strcpy()
    
      libntp/statestr.c at 1.17, 2009-08-08 17:30:11+00:00, davehart at shiny.ad.hartbrothers.com +5 -4
        sprintf() -> snprintf() Veracode
    
      libparse/parse.c at 1.13, 2009-08-08 17:30:11+00:00, davehart at shiny.ad.hartbrothers.com +1 -1
        See if cast is enough to quiet Veracode int truncation warning
    
      ntpd/ntp_config.c at 1.199, 2009-08-08 17:30:11+00:00, davehart at shiny.ad.hartbrothers.com +7 -3
        sprintf()->snprintf()
        check for unlink() failure
    
      ntpd/ntp_control.c at 1.112, 2009-08-08 17:30:11+00:00, davehart at shiny.ad.hartbrothers.com +28 -27
        strcpy() + strcat() -> snprintf()
        strcpy() -> memcpy()
        correct 'be" buffer end calculations
    
      ntpd/ntp_intres.c at 1.64, 2009-08-08 17:30:11+00:00, davehart at shiny.ad.hartbrothers.com +7 -3
        check for unlink() failure
        ensure zero termination with strncpy()
    
      ntpd/ntp_io.c at 1.295, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +1 -0
        ensure null termination with strncpy
    
      ntpd/ntp_scanner.c at 1.22, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +30 -5
        bounds-check access to yytext[]
    
      ntpd/ntp_signd.c at 1.2, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +1 -4
        use emalloc()
    
      ntpd/ntp_util.c at 1.73, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +8 -3
        check for rename(), _unlink() failures
    
      ntpd/ntpd.c at 1.106, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +7 -3
        add chdir("/") after chroot(), can't hurt and Veracode wants it
    
      ntpd/refclock_acts.c at 1.36, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +0 -3
        emalloc() never returns NULL
    
      ntpd/refclock_bancomm.c at 1.11, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +2 -3
        use emalloc()
    
      ntpd/refclock_datum.c at 1.13, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +1 -1
        use emalloc()
    
      ntpd/refclock_oncore.c at 1.78, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +7 -24
        use emalloc()
    
      ntpdate/ntpdate.c at 1.68, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +1 -1
        use emalloc()
    
      ntpdc/ntpdc.c at 1.67, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +1 -5
        use emalloc()
    
      ntpq/ntpq-subs.c at 1.32, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +2 -26
        remove strsave from ntpq, same as libntp's estrdup()
    
      ports/winnt/libisc/isc_strerror.c at 1.8, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +9 -6
        use emalloc()
        #undef our strerror() before calling the CRT version, infinite 
          recursion is no fun
    
      ports/winnt/ntpd/ntp_iocompletionport.c at 1.47, 2009-08-08 17:30:12+00:00, davehart at shiny.ad.hartbrothers.com +8 -5
        calloc() -> emalloc() then memset zero
    


More information about the commitlogs mailing list