From 818522f6c2498dfac2da98dcf528eed2def75fa7 Mon Sep 17 00:00:00 2001 From: fyodor Date: Fri, 30 May 2014 20:20:08 +0000 Subject: [PATCH] add a task to review a static analysis report that was sent to us --- todo/nmap.txt | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/todo/nmap.txt b/todo/nmap.txt index f30de2549..23939e43b 100644 --- a/todo/nmap.txt +++ b/todo/nmap.txt @@ -106,6 +106,11 @@ o Web: We should probably distribute RapidSSL intermediate certificate SSLCertificateFile which looks something like: SSLCertificateChainFile /etc/apache2/rapidssl.pem +o Investigate Checkmarx static analysis report of Nmap source tree + that someone sent us on Feb 12. It looks like mostly false positives, + but we should go through to check for any real bugs or even possible + security issues. Fyodor has the report. + o Make CONCURRENCY_LIMIT in nse_main.lua at least the min-parallelism. Otherwise NSE is limited to 1000 socket-using threads even if you've requested more.