coderforlife / ms-compress

Open source implementations of Microsoft compression algorithms

Coverity Scan identifies several issues #22

Open nemequ opened 8 years ago

nemequ commented 8 years ago

I'm running Squash through Coverity Scan, and it identifies several potential issues in ms-compress (at least some of which seem legitimate).

The results aren't public, and it's kind of difficult to just list what it finds since the logic of how it reaches that conclusion is often important, but I can try to summarize if you want. The other options would be to sign up for an account and run the scan yourself, or I could invite you to view the report from Squash.

coderforlife commented 8 years ago

Interesting, but it will take some time before I can get around to doing anything related to this - at least a few weeks.

I do know that there are several "dangerous" parts in the code, that I have been able to mostly reason out as being impossible, but not trivially so. I predict some of these are showing up. However, my logic could always be flawed...

On Sat, Oct 10, 2015 at 6:15 PM, Evan Nemerson notifications@github.com wrote:

I'm running Squash through Coverity Scan https://scan.coverity.com/, and it identifies several potential issues in ms-compress (at least some of which seem legitimate).

The results aren't public, and it's kind of difficult to just list what it finds since the logic of how it reaches that conclusion is often important, but I can try to summarize if you want. The other options would be to sign up for an account and run the scan yourself, or I could invite you to view the report from Squash.


nemequ commented 8 years ago

FWIW I'm planning on starting to fuzz all the Squash plugins soon, so if there are issues you'll probably have test cases, too.

nemequ commented 8 years ago

I just took another look through the results for ms-compress. They are all about either uninitialized values or trusting tainted data.