Date: Sat, 8 Apr 2017 00:50:31 +0300 From: Tommi Pernila <tommi.pernila@iki.fi> To: freebsd-current <freebsd-current@freebsd.org> Subject: PVS-Studio Analyzer Spots Bugs In the FreeBSD 2017 edition Message-ID: <CABHD1wRn2uwwh5aBS26pWg%2B71FAQ1P4yVB3Bp_8%2ByRGEg%2BVU6w@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi all, just a heads up if you haven't yet seen this blog post from Andrey Karpov from PVS-Studio. It's a quite a long read. https://www.viva64.com/en/b/0496/ Here's a few highlights (with some paraphrasing). >PVS-Studio fixed errors where it's clear how to fix them without digging deep into the algorithms. >That's why FreeBSD authors should really do a deeper analysis themselves, >not just review that limited number of errors that we presented. >Andrey Karpov is ready to provide a temporary license key and also help to eliminate false positives that may hinder their work. Anyone up for this task? >FreeBSD code is regularly checked by Coverity (which is now a part of Synopsys). >Still, it didn't prevent me from finding 56 potential vulnerabilities and 10 more real bugs in one evening by running PVS-Studio on this code. Br, Tommi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CABHD1wRn2uwwh5aBS26pWg%2B71FAQ1P4yVB3Bp_8%2ByRGEg%2BVU6w>