back to article Open source code crawling with fewer bugs

The quality of open source code has improved over the last two years, according to an audit sponsored by the US Department of Homeland Security. The security and quality of more than 250 open source projects - including Apache, Linux, Firefox and PHP - was assessed using code analysis tools from Coverity as part of the federal …

COMMENTS

This topic is closed for new posts.
  1. Chris Cook

    Obvious question...

    So how does this compare to closed source code?

  2. Ron

    Null pointer refs

    -------

    Buffer overflow flaws are the staple of most security bugs but experts warn that null pointer bugs could become fertile ground for hacking attacks. "Null pointer security flaws are exploitable and could quickly replace buffer overflows as the next big threat," said Geoff Sweeney, CTO of Australian-based net security firm Tier-3.

    -------

    Not true. Null-pointer refs normally aren't exploitable, but, in certain cases, can be. It depends on how the null pointer is used.

  3. Robert Brockway
    Linux

    @Chris Cook

    That's the problem with closed sources. We don't know. Someone with access to the source code would need to parse it through and only after obtaining an NDA I expect.

This topic is closed for new posts.

Other stories you might like