Language Selection

English French German Italian Portuguese Spanish

Linux Code Grows as Defects Decline

Filed under
Linux

Between December 2004 and July 2005, the "defect density" in the Linux kernel has fallen from 0.17 to 0.16 and all serious defects have been corrected, a new report out from code analysis firm Coverity asserts.

Defect density declined by 2.2 percent as the total lines of code in the Linux kernel continues to grow from 5.76 million in December 2004 to 6.03 million in July 2005, which represents a 4.7 percent increase.

The decreased defect density has also resulted in fewer serious defects in the July 2005 Linux kernel. The December 2004 study reported five filesystem buffer overrun conditions and one network buffer overrun condition, both of which were deemed to be serious defects.

Coverity's July 2005 summary of the findings show zero defects of the same (filesystem buffer and/or network buffer) ilk.

"Although the size of the Linux kernel increased over the six-month study, we noticed a significant decrease in the number of potentially serious defects in the core Linux kernel," said Seth Hallem, CEO of Coverity, in a statement.

"Although contributors introduced new defects, these were primarily in non-critical device drivers."

Source.

More in Tux Machines

Jenkins Embrace and Extend?

Unity 8 Won't Be the Default Desktop Session for Ubuntu 16.10 (Yakkety Yak)

The Ubuntu Online Summit started just a few moments ago, and you can watch the Ubuntu Engineering team live right now talking about the features planned for the next Ubuntu release. We reported last week that the development of the Ubuntu 16.10 (Yakkety Yak) operating system had begun, with daily live ISO images being made available for early adopters and public testers who want to track the development cycle of the upcoming Ubuntu release. Read more

Leftovers: Gaming

Security Leftovers

  • Linux Foundation launches badge program to boost open source security
    The Linux Foundation has released the first round of CII Best Practices badges as part of a program designed to improve the quality and security of open-source software. Announced on Tuesday, the non-profit said the Core Infrastructure Initiative (CII), a project which brings tech firms, developers and stakeholders together to create best practice specifications and improve the security of critical open-source projects, has now entered a new stage with the issue of CII badges to a select number of open-source software.
  • Free Badge Program Signals What Open Source Projects Meet Criteria for Security, Quality and Stability
  • How to Conduct Internal Penetration Testing
    The best way to establish how vulnerable your network is to a hacker attack is to subject it to a penetration test carried out by outside experts. (You must get a qualified third party to help with penetration testing, of course, and eSecurity Planet recently published an article on finding the right penetration testing company.)
  • SSH for Fun and Profit
    In May last year, a new attack on the Diffie Hellman algorithm was released, called Logjam. At the time, I was working on a security team, so it was our responsiblity to check that none of our servers would be affected. We ran through our TLS config and decided it was safe, but also needed to check that our SSH config was too. That confused me – where in SSH is Diffie Hellman? In fact, come to think of it, how does SSH work at all? As a fun side project, I decided to answer that question by writing a very basic SSH client of my own.