[issue46280] About vulnerabilities in Cpython native code
Pablo Galindo Salgado
report at bugs.python.org
Thu Jan 6 15:24:04 EST 2022
Pablo Galindo Salgado <pablogsal at gmail.com> added the comment:
> Anyway, (if I'm right,) this makes my points that a) there are false positives, and b) we should have separate issues for each actual problem.
Sorry Eric, I failed to clarify my comment: you are absolutely right in your analysis. I was trying to backtrack what the tool is thinking and how that code could result in an initialized read based only on static analysis.
Your analysis is right and these are indeed false positives. Apologies for the confusion :)
----------
nosy: -414039482
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue46280>
_______________________________________
More information about the Python-bugs-list
mailing list