[Vorbis-dev] Coverity and libvorbis

Erik de Castro Lopo mle+la at mega-nerd.com
Sat May 19 05:11:25 PDT 2007


Hi all,

I'm not sure if you are aware, but libvorbis has been scanned by the
Coverity static analysis team :

     http://scan.coverity.com/

For libvorbis, it found 8 possible bugs.

To fix these bugs Coverity need a repesentative from the project to
contact them for access to the coverity reporting facilities.

The reason I am keen to see Xiph take up this challenge is that when
all projects listed on the above page address the issues listed,
all of the projects can move to the next rung where more of the
Coverity tests are enabled.

My project libsndfile is on the same list as libvorbis and libsndfile
can't move forward until the libvorbis issues have been fixed. For
the record, the Coverity tool found 8 possible issues with libsndfile,
5 of which were false positives, but 3 of which were genuine bugs.

Cheers,
Erik
-- 
-----------------------------------------------------------------
Erik de Castro Lopo
-----------------------------------------------------------------
"What is freedom of expression? Without the freedom to offend,
it ceases to exist." - Salman Rushdie
-- 
-----------------------------------------------------------------
Erik de Castro Lopo
-----------------------------------------------------------------
"In civilian equipment, such as computers, the number
of components alone makes miniaturization essential if
the computer is to be housed in a reasonable-sized
building." Electronics Oct. 1, 1957, p. 178


More information about the Vorbis-dev mailing list