An anonymous reader writes "A project funded by the US Department of Homeland Security has praised improvements in open-source security, while outlining some common errors, ZDNet.co.uk reports.
Coverity, a commercial code-analysis company spun out of Stanford University, has been running its Scan project with Department of Homeland Security funding since 2006.
On Tuesday, Coverity released its Open Source Report, which gives results of bugs in more than 250 open-source projects. Coverity declined to give details of individual projects' faults, but instead gave a list of frequent coding errors.
The most common type of code defect, accounting for 28 percent of all the defects found, was the NULL pointer dereference, as the use of pointers in C/C++ is error-prone, according to Coverity."
"Pointers are a notoriously challenging programming concept that many languages elide altogether (eg, Java). Senior developers know that new programmers frequently have trouble understanding pointers."
No, Java just gets rid of pointer arithmetic. Other than that, its "references" act just like pointers.
pointers? (Score:2)