]> pere.pagekite.me Git - homepage.git/blob - blog/data/2014-04-29-gnash-coverity.txt
projects / homepage.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Ønsker meg radonmåler.
[homepage.git] / blog / data / 2014-04-29-gnash-coverity.txt
1 Title: Half the Coverity issues in Gnash fixed in the next release
2 Tags: english, web, multimedia, video
3 Date: 2014-04-29 14:20
4
5 <p>I've been following <a href="http://www.getgnash.org/">the Gnash
6 project</a> for quite a while now. It is a free software
7 implementation of Adobe Flash, both a standalone player and a browser
8 plugin. Gnash implement support for the AVM1 format (and not the
9 newer AVM2 format - see
10 <a href="http://lightspark.github.io/">Lightspark</a> for that one),
11 allowing several flash based sites to work. Thanks to the friendly
12 developers at Youtube, it also work with Youtube videos, because the
13 Javascript code at Youtube detect Gnash and serve a AVM1 player to
14 those users. :) Would be great if someone found time to implement AVM2
15 support, but it has not happened yet. If you install both Lightspark
16 and Gnash, Lightspark will invoke Gnash if it find a AVM1 flash file,
17 so you can get both handled as free software. Unfortunately,
18 Lightspark so far only implement a small subset of AVM2, and many
19 sites do not work yet.</p>
20
21 <p>A few months ago, I started looking at
22 <a href="http://scan.coverity.com/">Coverity</a>, the static source
23 checker used to find heaps and heaps of bugs in free software (thanks
24 to the donation of a scanning service to free software projects by the
25 company developing this non-free code checker), and Gnash was one of
26 the projects I decided to check out. Coverity is able to find lock
27 errors, memory errors, dead code and more. A few days ago they even
28 extended it to also be able to find the heartbleed bug in OpenSSL.
29 There are heaps of checks being done on the instrumented code, and the
30 amount of bogus warnings is quite low compared to the other static
31 code checkers I have tested over the years.</p>
32
33 <p>Since a few weeks ago, I've been working with the other Gnash
34 developers squashing bugs discovered by Coverity. I was quite happy
35 today when I checked the current status and saw that of the 777 issues
36 detected so far, 374 are marked as fixed. This make me confident that
37 the next Gnash release will be more stable and more dependable than
38 the previous one. Most of the reported issues were and are in the
39 test suite, but it also found a few in the rest of the code.</p>
40
41 <p>If you want to help out, you find us on
42 <a href="https://lists.gnu.org/mailman/listinfo/gnash-dev">the
43 gnash-dev mailing list</a> and on
44 <a href="irc://irc.freenode.net/#gnash">the #gnash channel on
45 irc.freenode.net IRC server</a>.</p>
Nettsider og blogg.