[ofiwg] libfabric static analysis
Odzioba, Lukasz
lukasz.odzioba at intel.com
Wed Jan 13 20:22:00 PST 2016
Hi,
Libfabric 1.1.0 is distributed in a software package for Xeon Phi with some other open source software.
We use static analysis on all sources which found some potential issues with it.
I would like to provide cleaned up list, but unfortunately I do not have time to investigate and my opinion might not be valid in all cases.
Since there are plenty of them some might require a CVE.
Would you like me to send you the full list of potential issues (it is for 1.1.0, but from what I saw most of it is still relevant)?
If so please provide me an email to contact person responsible project security (since list might contain vulnerabilities I would prefer to no post it publicly).
Thanks,
Lukas
More information about the ofiwg
mailing list