Karlson2k / libmicrohttpd

GNU libmicrohttpd repository unofficial mirror on GitHub
https://www.gnu.org/software/libmicrohttpd/

[LGTM] Warning/recommendation #4

Closed silvioprog closed 1 year ago

silvioprog commented 5 years ago

Hi dudes.

LGTM is a continuous security analysis adopted by many projects like curl, apache, nodejs etc. and, after doing some analysis in MHD, the service issued one warning and eight recommendations.

It seems the only relevant recommendation is regarding an "Empty block without comment"; however, the warning is a little bit serious: "The size argument of this snprintf call is derived from its return value, which may exceed the size of the buffer and overflow", issued here.

Both warning(s)/recommendation(s) can be accessed here.

Thank you!
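
The pattern the quoted warning describes, next to a bounded alternative, as an added example that is not part of the original issue and is not libmicrohttpd's code. The names `flagged_second_size` and `append_fmt`, the 8-byte buffer and the sample strings are assumptions constructed for illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Flagged pattern: off += snprintf(buf + off, size - off, ...);
 * snprintf returns the length the output would have had without
 * truncation, so off can pass size and size - off wraps (size_t). */

/* Returns the size argument the flagged pattern would hand to its
 * SECOND snprintf call; the second call itself is not made here. */
size_t flagged_second_size(char *buf, size_t size, const char *first)
{
    size_t off = 0;
    off += (size_t)snprintf(buf + off, size - off, "%s", first);
    return size - off; /* huge value when the first call truncated */
}

/* Bounded append (hypothetical helper): 0 on success, -1 on error or
 * truncation. *off never exceeds size - 1; buf stays NUL-terminated. */
int append_fmt(char *buf, size_t size, size_t *off, const char *fmt, ...)
{
    va_list ap;
    int n;
    if (size == 0 || *off >= size)
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(buf + *off, size - *off, fmt, ap);
    va_end(ap);
    if (n < 0)
        return -1;
    if ((size_t)n >= size - *off) { /* output was cut short */
        *off = size - 1;
        return -1;
    }
    *off += (size_t)n;
    return 0;
}

int main(void)
{
    char buf[8]; /* constructed sample buffer */
    size_t off = 0;
    printf("flagged next size: %zu\n",
           flagged_second_size(buf, sizeof buf, "0123456789ABCDEF"));
    append_fmt(buf, sizeof buf, &off, "%s", "abc");
    append_fmt(buf, sizeof buf, &off, "%s", "0123456789");
    printf("bounded: \"%s\" off=%zu\n", buf, off);
    return 0;
}
```

Callers of the bounded helper should treat `-1` as "output truncated or failed" and stop appending rather than continue with the same offset.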