Get the Coverity Scan 2010 Open Source Integrity Report featuring the Android Integrity Report

Get the Coverity Scan 2010 Open Source Integrity Report featuring the Android Integrity Report


This report is the result of the largest public-private sector research project focused on open source software integrity, originally initiated between Coverity and the U.S. Department of Homeland Security in 2006. The results from the 2010 edition of the Coverity Scan Open Source Integrity Report detail the findings of analyzing more than 61 million lines of open source code from 291 popular and widely-used open source projects such as Android, Linux, Apache, Samba and PHP, among others.

The Coverity Scan service uses Coverity® Static Analysis to automatically test open source code submitted by the open source community, and the report is the summary of findings from this analysis. Highlights from the Coverity Scan 2010 Open Source Integrity Report include:

  • The Android kernel tested by Coverity revealed 359 software defects, which is a sample of what might be shipping in popular mobile and other Android-based devices.
  • 25 percent of the Android defects found are high risk with the potential to cause security breaches and crashes.
  • Nearly half of the defects discovered in open source projects by Coverity Scan are classified as high risk.
  • The high risk defects discovered in Android and other open source projects are the types typically eliminated by Coverity customers before shipping products.
  • Common defects found in open source code continue to be flaws such as memory corruptions, NULL pointer dereferences, and resource leaks, which can cause system crashes and security vulnerabilities in products.
Coverity by Synopsys
27 Jan 2011
27 Jan 2011
White Paper
Already a Bitpipe member? Login here

Download this White Paper!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.