Subject: Re: Coverity and userland...
To: Hubert Feyrer <hubert@feyrer.de>
From: Igor Sobrado <igor@string1.ciencias.uniovi.es>
List: tech-misc
Date: 04/13/2006 13:58:43
In message <Pine.LNX.4.61.0604101406570.27878@m24s24.vlinux.de>, Hubert Feyrer writes:
>
> FYI, see also:
> http://mail-index.netbsd.org/current-users/2006/04/09/0010.html
> http://mail-index.netbsd.org/current-users/2006/04/10/0011.html
I see that the number of lines of code being checked has dropped from
five million lines to one million lines. I see that a lot of open
source projects have joined the fine contribution of Coverity in the
last weeks, and checking twice the source of these projects make
no sense and is a waste of resources. But I hope that third party
software as sendmail is being verified. Perhaps sendmail itself should
audit its code using the *excellent* tools provided by Coverity too.
I guess that some vulnerabilities can be discovered in this MTA (postfix
has passed its auditing process with great results).
I hope that a critical software project as sendmail will join this
excellent donation to open source community or, at least, be audited
as a part of the evaluation of other software projects as NetBSD.
I hope they will accept the bug fixes in the latter.
Best regards,
Igor.