From: | Dor Laor |
Subject: | Re: [Qemu-devel] [RFC] QEMU Code Audit Team |
Date: | Sun, 08 Jan 2012 16:01:10 +0200 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:9.0) Gecko/20111222 Thunderbird/9.0 |
On 01/06/2012 07:25 PM, Chris Wright wrote:
* Corey Bryant (address@hidden) wrote:
Count me in for step 2. A good approach may be to run a static analysis tool against the code, followed by a manual scan of the code for common vulnerabilities that static analysis can't find.

Good idea. Folks are already running things like Coverity. The false positive rate is high enough that it's a lot to wade through at first (so extra eyes could be quite helpful here). Perhaps the people who are involved in this could share some of their findings.
Markus has already done a pretty extensive review and cleanup using Coverity. I'm not sure if he managed to cover all the real issues, have you?
btw: in case a real security flaw is detected, I'd like to ask the audit volunteering folks to report a CVE [1] and not to disclose the info till an embargo is raised.
I think that kvm and qemu need to have a security page like this: http://www.webkit.org/security/

Cheers,
Dor

[1] http://oss-security.openwall.org/wiki/disclosure/cve
thanks, -chris