Home > Archive > Software Engineering > February 2006 > Comments on Coverity?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Comments on Coverity?
|
|
| Roy Smith 2006-02-09, 7:03 pm |
| I've been invited to a Coverity Demo/Talk/Salespitch/DogAndPonyShow
tomorrow. Reading the white papers, it sounds like the greatest thing
since sliced bread, but so do many things when you read the
whitepapers. Can anybody who's used the product provide comments
about how useful it is in real life?
This is to be used on a fairly large project, with a code base going
back 10 years. The project currently has about 50 developers and 790
KLOC (C++). The applications are highly multi-threaded servers that
are expected to run for months at a time, so resource management is a
critical issue for us.
| |
| Paul E. Black 2006-02-10, 6:59 pm |
| On Thu, 09 Feb 2006 14:25:58 -0500, Roy Smith wrote:
> I've been invited to a Coverity Demo/Talk/Salespitch/DogAndPonyShow
> ...
> Can anybody who's used the product provide comments about how useful it is
> in real life?
Sorry, don't have comments on that, however our project has collected
some thousand examples of code with software security flaws which may
be helpful if you want to make some comparisons. The examples are
freely available from
http://samate.nist.gov/SRD/srdFiles/
Our project bibliography also has some work that might help
http://samate.nist.gov/index.php/ B..._Surv
eys
Sincerely,
-paul-
--
Paul E. Black (p.black@acm.org) 100 Bureau Drive, Stop 8970
paul.black@nist.gov Gaithersburg, Maryland 20899-8970
voice: +1 301 975-4794 fax: +1 301 926-3696
http://hissa.nist.gov/~black/ KC7PKT
|
|
|
|
|