[ofiwg] libfabric static analysis

Odzioba, Lukasz lukasz.odzioba at intel.com
Wed Jan 13 20:22:00 PST 2016


Hi,
Libfabric 1.1.0 is distributed in a software package for Xeon Phi with some other open source software.
We use static analysis on all sources which found some potential issues with it.

I would like to provide cleaned up list, but unfortunately I do not have time to investigate and my opinion might not be valid in all cases.
Since there are plenty of them some might require a CVE.

Would you like me to send you the full list of potential issues (it is for 1.1.0, but from what I saw most of it is still relevant)?
If so please provide me an email to contact person responsible project security (since list might contain vulnerabilities I would prefer to no post it publicly).

Thanks,
Lukas



More information about the ofiwg mailing list