Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

SonarQube Static Analysis of oqsprovider #526

Open
dehatideep opened this issue Sep 24, 2024 · 2 comments
Open

SonarQube Static Analysis of oqsprovider #526

dehatideep opened this issue Sep 24, 2024 · 2 comments
Labels
bug Something isn't working help wanted Extra attention is needed

Comments

@dehatideep
Copy link

dehatideep commented Sep 24, 2024

Describe the bug
A clear and concise description of what the bug is.

This is Static Analysis report of oqsprovider. SA was done using SonarQube. There is an issue already as per Coverity Static Analysis (#514) but this is also captured because different SA tools sometimes provide additional insights or point out to additional issues.
SA report is attached below.
Oqsprovider SonarQube Static Scan result.pdf

@baentsch

To Reproduce
Steps to reproduce the behavior:

  1. Go to '...'
  2. Click on '....'
  3. Scroll down to '....'
  4. See error

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

Environment (please complete the following information):

  • OS: [e.g. Ubuntu 20]
  • OpenSSL version [e.g., 3.2.0-dev]
  • oqsprovider version [e.g. 0.4.0]

Please run the following commands to obtain the version information:

  • For OpenSSL: openssl version
  • For oqsprovider: openssl list -providers

If oqsprovider is not listed as active, be sure to first follow all
USAGE guidance.

If reporting bugs triggered by OpenSSL API integrations, e.g. running
a provider build statically
or directly invoking any OpenSSL API, be sure to retrieve and report all errors
reported by using the OpenSSL ERR_get_error_all
function.

Bug reports generated from Debug builds
wth the debug environment variable "OQSPROV=1" set will be particularly helpful to find underlying
problems.

Additional context
Add any other context about the problem here.

Hints
To exclude a build/setup error, please consider running your test
commands to reproduce the problem in our pre-build docker image,
e.g. as such: docker run -it openquantumsafe/oqs-ossl3 and
provide full command input and output traces in the bug report.

@baentsch
Copy link
Member

Thanks very much for sharing this report. Can I safely assume the "Cisco Confidential" marker is on the file in error? I guess better would be to replace the file....

@dehatideep
Copy link
Author

Thanks very much for sharing this report. Can I safely assume the "Cisco Confidential" marker is on the file in error? I guess better would be to replace the file....

That was indeed in error, it was a wrong template and I fixed it and uploaded a new file. Thank you.

@baentsch baentsch added the help wanted Extra attention is needed label Oct 15, 2024
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
bug Something isn't working help wanted Extra attention is needed
Projects
None yet
Development

No branches or pull requests

2 participants