From: Petter Reinholdtsen Date: Tue, 29 Apr 2014 12:14:43 +0000 (+0200) Subject: Generated. X-Git-Url: https://pere.pagekite.me/gitweb/homepage.git/commitdiff_plain/b0e35311a5d8f976c71104a2caa6fe394c2204dd?ds=sidebyside Generated. --- diff --git a/blog/Half_the_Coverity_issues_in_Gnash_fixed_in_the_next_release.html b/blog/Half_the_Coverity_issues_in_Gnash_fixed_in_the_next_release.html new file mode 100644 index 0000000000..379f5708a8 --- /dev/null +++ b/blog/Half_the_Coverity_issues_in_Gnash_fixed_in_the_next_release.html @@ -0,0 +1,374 @@ + + + + + Petter Reinholdtsen: Half the Coverity issues in Gnash fixed in the next release + + + + + + +
+

+ Petter Reinholdtsen + +

+ +
+ + +
+
Half the Coverity issues in Gnash fixed in the next release
+
29th April 2014
+

I've been following the Gnash +project for quite a while now. It is a free software +implementation of Adobe Flash, both a standalone player and a browser +plugin. Gnash implement support for the AVM1 format (and not the +newer AVM2 format - see +Lightspark for that one), +allowing several flash based sites to work. Thanks to the friendly +developers at Youtube, it also work with Youtube videos, because the +Javascript code at Youtube detect Gnash and serve a AVM1 player to +those users. :) Would be great if someone found time to implement AVM2 +support, but it has not happened yet. If you install both Lightspark +and Gnash, Lightspark will invoke Gnash if it find a AVM1 flash file, +so you can get both handled as free software. Unfortunately, +Lightspark so far only implement a small subset of AVM2, and many +sites do not work yet.

+ +

A few months ago, I started looking at +Coverity, the static source +checker used to find heaps and heaps of bugs in free software (thanks +to the donation of a scanning service to free software projects by the +company developing this non-free code checker), and Gnash was one of +the projects I decided to check out. Coverity is able to find lock +errors, memory errors, dead code and more. A few days ago they even +extended it to also be able to find the heartbleed bug in OpenSSL. +There are heaps of checks being done on the instrumented code, and the +amount of bogus warnings is quite low compared to the other static +code checkers I have tested over the years.

+ +

Since a few weeks ago, I've been working with the other Gnash +developers squashing bugs discovered by Coverity. I was quite happy +today when I checked the current status and saw that of the 777 issues +detected so far, 374 are marked as fixed. This make me confident that +the next Gnash release will be more stable and more dependable than +the previous one. Most of the reported issues were and are in the +test suite, but it also found a few in the rest of the code.

+ +

If you want to help out, you find us on +the +gnash-dev mailing list and on +the #gnash channel on +irc.freenode.net IRC server.

+
+ +
Tags: english, multimedia, video, web.
+ + +
+ + + + + +

+ Created by Chronicle v4.6 +

+ + +