also @ TechSpot: AMD A4-5000 Review: Kabini, the affordable ultraportable APU

Large vulnerability report submitted to Firefox team

By Justin Mann

On September 7, 2006, 12:22 PM

The Firefox team got more than just a handful of work handed to them recently when an investigating coder presented to them a list of 71 potential vulnerabilities and 655 “code defects” in the browser. Focusing on the 1.5.0.6 release of Firefox, analysis done by Klocwork's static analysis tool doesn't necessarily mean action will be taken or even required, just that something might be wrong. While not releasing specific details, they did give the public a general idea of what was found:

By far, the majority of the defects reported were null pointer dereferences (446 defects). A large number of defects resulted from the code not checking for null after memory was allocated. In addition, there were many cases where the return value of functions designed to return null were not checked prior to dereferencing.
Some might see this as a strike against Firefox, but in fact it is exactly the opposite. Unlike a closed source browser such as IE, having the source available to the public makes this kind of exploration possible and may in fact encourage improvement. There's no word from the Firefox team just yet, though I'm sure they will look into the findings.

No tags on this story

3 comments

User Comments: 3

Got something to say? Post a comment
  1. September 8, 2006 5:05 AM
    slake said:
    Now why is it these get reported to the right people but any and all IE issues get published to the world? Interesting.
    Reply
  2. September 8, 2006 2:52 PM
    bushwhacker said:
    I'm part of it since my firefox crashed when trying to load a movie from www.killsometime.com
    Reply
  3. September 9, 2006 4:18 AM
    ThomasNews said:
    I'd imagine there'll be some feedback in the near future from Mozilla developers regarding this given the coverage this item has received.
    Reply

Recently commented stories

Post a new comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.
TechSpot on:

Most Popular

Trending Featured
More Trending Topics

Featured on Cases

Downloads and Drivers

Downloads   Drivers  

KiTTY 0.62.2.3

mIRC 7.32

Actual Bookmarks 1.2

World of Warcraft Patch 5.3.0

Funny Photo Maker 2.4.1

More Downloads

Latest Discussion

Battlefield 3 DLC 8 replies on Gaming

Overclocking i7-3770k, question about speedfan 6 replies on Overclocking, Cooling and Modding

The average life of a GPU 18 replies on Audio and Video

Need a 5.1 speaker system with USB input 8 replies on Audio and Video

Upgrading my computer 7 replies on Processors and Motherboards

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.