This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: NEWS: mention Coverity bug fixes

"Dave Korn" <dave.korn@artimi.com> writes:

> On 22 August 2007 16:51, Ian Lance Taylor wrote:
> 
> > msnyder@sonic.net writes:
> > 
> >> + * 37 Coverity issues fixed in bfd, including potential static array
> >> +   overruns, null pointer dereferences and use of malloc buffer after
> >> +   free.  Coverity generously runs its static analysis suite on the
> >> +   GNU tools without charge.
> > 
> > It's nice of Coverity to run these analyses for us, but do we feel OK
> > about advertising non-free software in a GNU package?
> > 
> > Ian
> 
> 
>   Are we advertising their software, or are we giving credit to the organisation
> for the voluntary work they've done for us?  I feel basically OK about credit
> where credit's due.
> 
>   For comparison, IBM and HP are two firms who make lots of proprietary software,
> yet have acknowledgements of their contributions to the gcc project listed at
> http://gcc.gnu.org/news.html

Contributions I have no problem with.  But the note above is
effectively advertising the static analysis suite.

How about something more like:

* Thanks to Coverity for reporting 37 different potential problems in
  BFD.  These were all fixed.

Ian
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]