Coverity and open source code

Flaws found in open source codes

Tom Espiner - 2008/05/21 08:56:01
http://www.builderau.com.au/news/soa/Flaws-found-in-open-source-codes/0,339028227,339289125,00.htm

A project funded by the US Department of Homeland Security has praised improvements in open source security, while outlining some common errors.

Coverity, a commercial code analysis company spun out of Stanford University, has been running its Scan project with Department of Homeland Security funding since 2006.
On Tuesday, Coverity released its Open Source Report, which gives results of bugs in more than 250 open-source projects. Coverity declined to give details of individual projects' faults, but instead gave a list of frequent coding errors.

Coverity did single out some projects for particular praise due to the cleanliness of the code, including Amanda, NTP, OpenPAM, OpenVPN, Perl, PHP, Python and Samba.
The most common type of code defect, accounting for 28 percent of all the defects found, was the NULL pointer dereference, as the use of pointers in C/C++ is error-prone, according to Coverity.
"This type of error often occurs when one code path initialises a pointer before its use, but another code path bypasses the initialisation process," stated the report. "Pointers are a notoriously challenging programming concept that many languages elide altogether (eg Java). Senior developers know that new programmers frequently have trouble understanding pointers."

Because pointers are often used to pass data structures by reference between pieces of program logic, they may be the most commonly manipulated data objects due to repeated copying, aliasing and accessing. Therefore, it is not surprising that the most frequently used artefacts will incur the most errors in manipulation, said Coverity.
The second most common type of code defect are resource leaks. While some resource leaks are pointer-related, others may be the result of misusing an application programming interface (API), said Coverity.

Other common code defects include unintentional ignored expressions, use before test and buffer overflow vulnerabilities.

Copyright © 2008 CNET Networks, Inc. All rights reserved.

Ebooks

Ebooks download link
http://www.giuciao.com/books/book.php?id=5521&by=Business&ord=id

Quality Assurance

Another good link provided by Roger Pressman in his book 'Software Engineering'
http://www.asq.org/

Good PMC and PMT links

PMC link - http://www.punecorporation.org/betterroads/Home/Home.aspx
This link shows map of pune city. Complaints for pot-holes on roads can be filed directly on the map.
PMT / PMPML link - http://www.pmtpune.org/index.asp
From this link, you can find the bus routes in Pune.

Software Engg links

The following links were mentioned in the book 'Software Engg' by Roger Pressman as additional reference material
http://www.sei.cmu.edu/ - gives info about Software Engg Institute and CMM levels
http://www.stsc.hill.af.mil/ - gives info about software technology support centre

Vitamins and minerals

Use the link below to know what and how much vitamins and minerals you need as per your age group
http://www.oprah.com/health/oz/programs/young/solutions/solutions_vitamin.jhtml

Nice Birthday Wishes

Let the god decorate each golden ray of the sun reaching u with wishes of success, happiness and prosperity 4 u, wish you a super duper happy birthday.

Look outside its so pleasant moments sun is smiling with you trees dancing for you birds singing for you because last night i asked them all to wish you happy birth day!