AOH :: ISN-2850.HTM

A Coverity Eye on Firefox Code

A Coverity Eye on Firefox Code
A Coverity Eye on Firefox Code 

By Sean Michael Kerner 
August 9, 2006

Mozilla has long relied on its community to help it identify bugs 
within applications. Now it has another ally in the fight against 
bugs. has learned that Mozilla will announce that it is 
using Coverity's source code analysis software, which extends beyond 
the confines of Coverity's Department of Homeland Security grant to 
improve open source software code quality.

Firefox is one of over 50 open source projects being analyzed as part 
of the DHS-sponsored study. the DHS sponsored study results.

According to a release obtained by, Mozilla has 
deployed Coverity's source code analysis software in the development 
process of the Firefox Web browser.

The hope is that with Coverity analysis in hand, Firefox developers 
can find flaws before software is released.

"Firefox is the first open source project to put Coverity's software 
directly in the hands of its developers, allowing them to run 
customized analyses at will and ensure the quality of their codebase 
as it evolves," Coverity said in a statement.

Coverity is hardly a stranger to the open source world. The firm's 
source code analysis has been used by Linux kernel developers and 

As of this morning at 10:00 a.m. EST, the publicly available Coverity 
scan results page reports that since March 6, 2006, Firefox has fixed 
327 defects.

Mozilla is currently in the throes of developing its next major 
browser release, Firefox 2.0, which is currently at its Beta 1 

The Beta 2 release was originally expected to appear on Aug. 8 but is 
now set for release on Aug. 15.

Coverity-discovered bugs do not appear to be the main cause for the 
Beta 2 delay.

According to the Mozilla meeting notes from Aug. 23, the visual 
refresh for Firefox that will appear in Beta 2 is responsible for 30 
percent of the Firefox 2 blockers, with half related to code and the 
other half related to graphics issues. 

Visit the InfoSec News store! 

Site design & layout copyright © 1986-2014 CodeGods