Leo, > Attached is the most detailed report available with Fortify (Developer > Workbook). Our Tools team also select all options for the Executive Summary > report. I'll have to think about the reported issues with the libxml2 subpackage because I'm not the developer of that package. Do you already have an XML2 library on your systems (e.g., /usr/lib/libxml2.a, /usr/lib/libxml2.so)? If so, would you be willing to use it? The following issues are with the LDM code proper: backend.c, line 331 (Dangerous Function: strcpy()): This use of strcpy() in this instance is safe by inspection. backend.c: line 1007 (Double Free): Fixed in the next release. conftest.c, line 89 (Process Control): The file "conftest.c" is a feature test-file created during build-time by the configure(1) script. It may safely be ignored. backend.c, line 1007 (Use After Free): Fixed in the next release. The report says that it found 259 issues, but only 82 issues were detailed. Why the discrepancy? > Regards, > > //SIGNED// > Leo R. Rivard, Contractor, AFWA/SEMS > SEMS II Database Architect > Northrop Grumman Information Systems > email: address@hidden > COMM: 402-232-0271 / DSN: 272-0271 > Alternate Email: address@hidden Regards, Steve Emmerson Ticket Details =================== Ticket ID: TXB-774930 Department: Support LDM Priority: Normal Status: Closed
NOTE: All email exchanges with Unidata User Support are recorded in the Unidata inquiry tracking system and then made publicly available through the web. If you do not want to have your interactions made available in this way, you must let us know in each email you send to us.