* Kamil Dudka:

>> For example, how do you know that the reports are false positives and not
>> true positives?
>
> I think it was obvious from my previous explanation:
>
> (1) You need to check (by manual review) that the source of data is really
> untrusted.
>
> (2) You need to check (by manual review) that there is no sufficient check
> on the data.
>
> (3) You need to check (by manual review) that the sink function is really
> vulnerable to data from untrusted source.
>
> When doing step (3), I verified that Gnulib's base64_encode() can safely
> process data from untrusted source. Then I wanted to record this information
> into the source code so that other users of Gnulib do not need to verify this
> each time they run Coverity on a project that bundles Gnulib's implementation
> of base64_encode().
Does the annotation make the base64 functions trusted in the sense that they
now turn untrusted data into trusted data? That would be undesirable in my
opinion.

Thanks,
Florian
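The step (3) check Kamil describes, and the distinction Florian raises, can be seen in a small encoder. The following is an added example written for this thread; it is not Gnulib's base64.c and the names b64_encode, b64_encoded_len and b64_check are assumptions. It is written so that the property being verified is visible in the code: the values of the input bytes only ever select an entry of a 64-entry constant table through a 6-bit mask, and every write to the output is bounded by a length the caller supplies and the function checks. That is what makes the function a safe sink for untrusted contents. Nothing here makes the output trusted: it is a deterministic function of attacker-controlled bytes, and a sanitizer annotation would wrongly tell the analyzer otherwise.

```c
/* Added example, not Gnulib code: a minimal base64 encoder whose memory
   safety depends only on caller-supplied lengths, never on input contents. */
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

static const char b64_table[64] =
  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Bytes needed (excluding the terminating NUL) to encode inlen input bytes. */
size_t b64_encoded_len(size_t inlen)
{
  return 4 * ((inlen + 2) / 3);
}

/* Encode in[0..inlen) into out, which holds outlen bytes.  Returns false
   without writing anything if out cannot hold the encoding plus a NUL.
   Each table index is masked with 63, so no input byte value, however
   chosen by an attacker, can produce an out-of-range lookup. */
bool b64_encode(const unsigned char *in, size_t inlen, char *out, size_t outlen)
{
  size_t need = b64_encoded_len(inlen);
  if (outlen < need + 1)
    return false;

  size_t o = 0;
  while (inlen >= 3) {
    unsigned v = ((unsigned)in[0] << 16) | ((unsigned)in[1] << 8) | in[2];
    out[o++] = b64_table[(v >> 18) & 63];
    out[o++] = b64_table[(v >> 12) & 63];
    out[o++] = b64_table[(v >> 6) & 63];
    out[o++] = b64_table[v & 63];
    in += 3;
    inlen -= 3;
  }
  if (inlen > 0) {                       /* 1 or 2 trailing bytes */
    unsigned v = (unsigned)in[0] << 16;
    if (inlen == 2)
      v |= (unsigned)in[1] << 8;
    out[o++] = b64_table[(v >> 18) & 63];
    out[o++] = b64_table[(v >> 12) & 63];
    out[o++] = (inlen == 2) ? b64_table[(v >> 6) & 63] : '=';
    out[o++] = '=';
  }
  out[o] = '\0';
  return true;
}

/* Helper for checking: encode n bytes of in (contents are arbitrary, i.e.
   treated as untrusted) and compare with the expected string. */
bool b64_check(const unsigned char *in, size_t n, const char *expected)
{
  char out[64];
  if (!b64_encode(in, n, out, sizeof out))
    return false;
  return strcmp(out, expected) == 0;
}

/* Helper for checking: a buffer one byte too small for 3 input bytes
   (4 output bytes + NUL) must be refused rather than overrun. */
bool b64_rejects_short_buffer(void)
{
  const unsigned char in[3] = { 0xff, 0xff, 0xff };   /* constructed input */
  char out[4];
  return !b64_encode(in, sizeof in, out, sizeof out);
}
```

The caller is still responsible for the buffer size, as with Gnulib's interface; the function guarantees only that untrusted contents cannot turn a correctly sized call into a memory error. Whatever is done with the encoded string afterwards (logging, building a header, passing it to another parser) still operates on untrusted data.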