| coverity |
[Apr. 16th, 2004|06:00 pm]
Brad Fitzpatrick
|
There's now a commercial entity behind the Stanford Meta-Compilation project (the "Checker"):
http://www.ussg.iu.edu/hypermail/linux/kernel/0404.2/0162.html
And they release for free a database of Linux bugs:
http://linuxbugs.coverity.com
The registration part is lame, but once you do, there's a shitload of bugs. I wonder how many security fixes will come out of this. |
|
|
| Comments: |
From:  evan
2004-04-16 06:43 pm (UTC)
| (Link)
|
I don't especially want to register, but: does it look like they're real bugs? A lot of static checkers find "bugs" that are actually just unclear code. (*grumbles something about languages not being powerful enough to express programmer intentions...*)
![[User Picture]](https://l-userpic.livejournal.com/54541970/2) | From: brad
2004-04-16 07:13 pm (UTC)
| (Link)
|
The ones I looked at all looked real. I was pretty impressed at all the rules and what they were able to catch. | |
