Code hunters are increasingly spotting defective code that could open security holes in free and open source software (FOSS).
The Open Source Report 2008 and the Architecture Library Report, conducted by Coverity for the U.S. Department of Homeland Security Cybersecurity Open Source Hardening Project, show more than 10,000 defects fixed since the project's launch in March 2006.
The report, delivered in July at the OSCON 2009 (Open Source Convention) gathering, used the same analysis tools and configurations as the Scan Benchmark 2006. The results are based on analysis of over 55 million lines of code from more than 250 open source projects, representing 14,238 individual project analysis runs. In total, nearly 10 billion lines of code were analyzed.