Forums » Development »
Added by exva1 over 11 years ago
Coverity is a source code scanner that helps find problems and security vulnerabilities in code. The maker of Coverity provides a service to open source projects, allowing them to run it for free. Examples of open source projects using Coverity are KDE, Linux, and LibreOffice. A complete list is here: http://scan.coverity.com/all-projects.html
I think lighttpd would benefit from leveraging this free tool to try and locate any possible security vulnerabilities that exist in the code. I have used the tool in the past for other projects, and can say that it was useful.
If the lighttpd project is interested in using Coverity, open source projects can register here: http://scan.coverity.com/start
Good suggestion. lighttpd has been using Coverity for some years now.
https://scan.coverity.com/projects/lighttpd-lighttpd1-4