OpenBSD Journal

OpenBSD & Theo de Raadt mentioned in article on Coverity's automated source code auditing tools

Contributed by grey on from the they're giving OpenBSD some free audits dept.

Thanks to Nikns Siankin for pointing out the following article which mentions Coverity's automated source code auditing tools being put to use on open source software projects, including some free bug submissions to the OpenBSD project. Though not mentioned in the article, our readers might find it interesting to know that OpenBSD developer tedu@ (Ted Unangst) & past undeadly editor phessler (Peter Hessler) work for Coverity.

The complete article by Rob Lemos may be found here: http://www.securityfocus.com/news/11230



Comments
  1. By Alex McGeorge (209.36.50.224) on

    With all the press Theo has been getting recently, there should be an icon for a section called "Theo Watch."

  2. By Florin Iamandi (84.222.99.99) on http://data.homeip.net

    "Moreover, the tool has analyzed the code for OpenBSD, with any flaws found submitted back to the project, according to OpenBSD members."
    Why doesn't the article mention the number of bugs as it does with FreeBSD, MySQL and the Linux kernel? Does anyone know how many of those bugs there were?

    Comments
    1. By jolan (66.117.169.38) on

      You can see some of the commits by searching for coverity: http://marc.theaimsgroup.com/?l=openbsd-cvs&w=2&r=1&s=coverity&q=b

    2. By tedu (64.173.147.27) on

      the data was never fully tabulated. there are some numbers in the papers from 2001, but a lot has happened since then and no count was kept for the incremental fixes.

      Comments
      1. By Anonymous Coward (207.232.8.4) on

        i liked the change you did in netinet6/in.6 after coverity's leet tool ran on the source. real fucking gem. :)
