Coverity Scan: Analysis completed for varnish

Dridi Boukelmoune dridi at varni.sh
Mon Nov 20 12:35:49 UTC 2023 

On Mon, Nov 20, 2023 at 8:11 AM <scan-admin at coverity.com> wrote:
>
>
>     Your request for analysis of varnish has been completed successfully.
>     The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yrJbcjUxJo9eCHXi2QbgV6m5FSuTtQOxGY1oSL52Ydbrw-3D-3DoMch_WyTzqwss9kUEGhvWd0SG502mTu1yasCtuh9h-2FD3Je4-2B1YrCNgUzvmy9ARK83qQKiZ8s3KpzAY1kug4Y-2B6DtdQ0CUSnTmZa4-2FrTabEi7ESQvN1IAjfusVH6vQzhgxWftrMiC7f-2BVPEqJjIA3g1KVCPV2NrWqo4RKQv8mpaWqHwK7CzBh38ftnSPCGyz6-2FNRit5oaD7HhneOxPbChyQimjpD1kOp-2BLvIu5gRIFlQG02EY-3D
>
>     Build ID: 571479
>
>     Analysis Summary:
>        New defects found: 26
>        Defects eliminated: 0

I think Coverity Scan learned new tricks because nothing happened
since the last run:

---8<------8<------8<------8<------8<------8<------8<------8<------8<------8<------8<---
$ git log origin/master --since=2023-11-12 --reverse -p
commit 34c87dd2ce90b7b12e49551834d9c6fa00b4c59a (origin/master, origin/HEAD)
Author: Dag Haavi Finstad <daghf at varnish-software.com>
Date:   Mon Nov 6 14:13:50 2023 +0100

    changes.rst: minor language tweak

diff --git a/doc/changes.rst b/doc/changes.rst
index 11737f68ab..786803a7cb 100644
--- a/doc/changes.rst
+++ b/doc/changes.rst
@@ -53,10 +53,10 @@ Varnish Cache NEXT (2024-03-15)
   In particular, this feature is used to reduce resource consumption
   of HTTP/2 "rapid reset" attacks (see below).

-  Note, in particular, that *req_reset* events may lead to client
-  tasks for which no VCL is called ever. Presumably, this is thus the
-  first time that valid `vcl(7)` client transactions may not contain
-  any ``VCL_call`` records.
+  Note that *req_reset* events may lead to client tasks for which no
+  VCL is called ever. Presumably, this is thus the first time that
+  valid `vcl(7)` client transactions may not contain any ``VCL_call``
+  records.

 * Added mitigation options and visibility for HTTP/2 "rapid reset"
   attacks (CVE-2023-44487_, 3996_, 3997_, 3998_, 3999_).
--->8------>8------>8------>8------>8------>8------>8------>8------>8------>8------>8---

Still, worth investigating.

Dridi

More information about the varnish-dev mailing list