I’m publishing the results of the coverity tests ran against Firebird 2.0 at 6/March/2006. For those who doesn’t know what is this: some months ago, USA government sponsored some companies to find bugs in popular Open Source projects, in a way to make them more secure. Firebird was in the software list. Now the first results are being published.
The source code is analyzed by the automated Coverity Tool, which process the source code and build automated reports with possible problems found.
The results I’m publishing doesn’t have the internal hyperlinks that allows to jump directly to the “faulting line” in the source code, as well the detailed information about each problem, since this would require access to the authenticated coverity servers and most of you don’t have the necessary login info.
Click here to see the resullts. More detailed comments about this to come in the next days. Also, keep in mind that automated tools can be fooled by the code, what means that some code can be reported as problematic while it isn’t.
Note: The tests are being run against Firebird 2.0 source code. As you know, FB 2.0 is still in BETA, and that’s why we have betas… to detect and correct bugs.