Defects Found With Coverity Static Analysis

Coverity Static Analysis provides a full library of checks to detect critical defects and flaws in source code. All of these checks are run on top of our sophisticated interprocedural data flow analysis engine to ensure that 100% of all paths are explored with the highest accuracy.

Concurrency

Deadlocks
Race conditions
Blocking call misuse

Performance Degradation

Memory leaks
File handle leaks
Custom memory and network resource leaks
Database connection leaks

Crash Causing Defects

Null pointer deference
Use after free
Double free
Improper memory allocations
Mismatched array new/delete

Incorrect Program Behavior

Dead code caused by logical errors
Uninitialized variables
Invalid use of negative variables

Improper Use of APIs

STL usage errors
API error handling

Security Vulnerabilities

Secure Coding Defects

Buffer overflows
Integer overflows
Missing/insufficient validation of malicious data and string input
Format string vulnerabilities
SQL injection attacks
Cross-site scripting attacks

Defect Implications

Total system compromise
Denial of service attacks
Privilege escalation
Leaking confidential data
Data loss
Arbitrary code execution

click to enlarge

Datenblatt (1.6 MB)
Coverity Static Analysis (main page)
Defects Found
Defect Understanding and Prioritization
Ease of Use and Flexibility
Defect Reporting
Customer Case Studies
Coverity Press News

last updated: 8 Nov 2011

© 2010-2011 Coverity Inc., San Francisco / German tranlation by Verifysoft Technology GmbH, Offenburg
Coverity Static Analysis is a product and a trademark of Coverity, San Francisco (USA)
all other trademarks of this site are the property of their respective owners.

Coverity Static Analysis → Defects Found

Defects Found With Coverity Static Analysis