AlanBarber.Org

Wednesday, July 06, 2005

Coverity scans FreeBSD for potential software flaws

I saw an interesting news article on SecurityFocus last week titled “Open-source projects get free checkup by automated tools.”

Coverity makes code-analysis software that can scan source code for potential flaws, bugs, etc. They’ve been scanning some open source projects for free to help detect and clean up possible bugs and flaws. It’s a nice thing to do, but of course the reality is they’re doing it to prove the quality of their tools.

Anyways, they just finished doing a scan of the FreeBSD OS. They found 306 potential software flaws from the scan. That might sound like a lot, but most are really not flaws. The FreeBSD guys are saying only five issues can be triggered by user input and twelve are buffer overruns. Plus, either way, they [FreeBSD programmers] have looked over the issues and have corrected them. So there are updates available now, and all future releases will be safe from these flaws.

I must say this is pretty nice of Coverity. I mean, sure, as I said, it’s just something for publicity, but it’s cool to see them help out open source software. I would hope that they think about doing yearly scans of the projects. Now that would be awesome, to have them do yearly checkups of many of the big open source projects like Linux, FreeBSD, MySQL, Apache, etc.

Posted by AlanBarber on 07/06/2005 at 07:18 PM