apcmiller Posted September 8, 2006

September 01, 2006

Examining defects in the Firefox code base

Submitted by Adam Harrison, Klocwork

Using Klocwork’s K7 static analysis tool, I examined the large and complicated code base of the popular open source browser, Firefox. Overall it is clear that Firefox is a very well written and high quality piece of software. Several builds were performed on the code, culminating in the final analysis of version 1.5.0.6. The analysis resulted in 655 defects and 71 potential security vulnerabilities. The Firefox team has been given the analysis results, and they will determine if or how they will deal with the issues.

Only someone with in-depth knowledge and background of the Firefox code could judge the danger of a particular security vulnerability; therefore, I have not included more detailed information of these security vulnerabilities that could lead to the spreading of unfounded rumours of potential exploits. However, for those interested, I’ve provided more details of the defects below.

A closer look at reported defects in build 1.5.0.6

By far, the majority of the defects reported were null pointer dereferences (446 defects). A large number of defects resulted from the code not checking for null after memory was allocated. In addition, there were many cases where the return value of functions designed to return null were not checked prior to dereferencing.

Memory management issues accounted for the next highest defect count (141 defects). A large number of these defects arose as a result of a function returning abruptly when it had encountered an error. In such cases, the code neglected to free allocated memory, even though that memory would have been de-allocated had the function run its full course. Uninitialized variable use only accounted for 68 defects. For the most part these defects arose when it was assumed that the code would follow a certain path. However, there were instances where no checks were made to ensure the execution path followed the desired route.

G2zero.com
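An added illustration, not code from the article, from Klocwork or from Firefox, of the three defect classes the quoted article counts: an unchecked allocation, a leak on an abrupt error return, and a value left unset on one path, next to a version with a single cleanup path. All function and variable names are hypothetical, and the counting allocator is constructed for the example.

```c
#include <stdlib.h>
#include <string.h>

/* Counting allocator, constructed for this example, so a leak is observable. */
static int live_allocs = 0;   /* allocations not yet freed */
static int fail_next = 0;     /* set to 1 to simulate an out-of-memory result */

static void *xalloc(size_t n) {
    if (fail_next) { fail_next = 0; return NULL; }
    void *p = malloc(n);
    if (p) live_allocs++;
    return p;
}
static void xfree(void *p) { if (p) { live_allocs--; free(p); } }

/* Defective: no NULL check after allocation, a leak on the early error
   return, and *out_len is never written on the error path. */
int copy_token_defective(const char *src, size_t *out_len) {
    char *buf = xalloc(strlen(src) + 1);
    strcpy(buf, src);              /* NULL dereference if xalloc failed */
    if (strchr(buf, ' ') != NULL)
        return -1;                 /* abrupt return: buf is never freed */
    *out_len = strlen(buf);
    xfree(buf);
    return 0;
}

/* Hardened: results are checked and every exit uses one cleanup path. */
int copy_token_checked(const char *src, size_t *out_len) {
    int rc = -1;
    char *buf = NULL;
    if (src == NULL || out_len == NULL) return -1;
    *out_len = 0;                  /* defined value on every path */
    buf = xalloc(strlen(src) + 1);
    if (buf == NULL) goto done;    /* allocation result is checked */
    strcpy(buf, src);
    if (strchr(buf, ' ') != NULL) goto done;
    *out_len = strlen(buf);
    rc = 0;
done:
    xfree(buf);                    /* runs on success and on error */
    return rc;
}

int main(void) {
    size_t n;
    return (copy_token_checked("a b", &n) == -1 && live_allocs == 0) ? 0 : 1;
}
```
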

erRor67 Posted September 9, 2006

Meh, it was posted on digg and then labeled inaccurate. Of course, maybe everyone on digg loves firefox..

dMog Posted September 9, 2006

> Meh, it was posted on digg and then labeled inaccurate. Of course, maybe everyone on digg loves firefox..

so............for us stupid people...what does it mean? ;)

Chicano666 Posted September 9, 2006

Use Opera...lol...

myidisbb Posted September 9, 2006

> Meh, it was posted on digg and then labeled inaccurate. Of course, maybe everyone on digg loves firefox..

> so............for us stupid people...what does it mean? ;)

It means as more go Linux so will the increase in worms and viruses aimed at it. This will show up in certain nations that are forcing an anti-Microsoft (anti-American) software usage. (Most users here in the free world are going to be more updated and smarter.) These anti-MS countries usually had a very low legal copy of Windows anyway. I don't think this is going to affect NA and E much, but SA and A will see it.

Baldie Posted September 10, 2006

I'm using FireFox 1.5.0.7 with totally no problems ;)

cooldoc66 Posted September 14, 2006

I (as an addicted beta tester) always use the current nightly, which is BonEcho 2.0 B2 (Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1b2) Gecko/20060913 BonEcho/2.0b2). Very good, no crashes...

Lite (Administrator) Posted September 14, 2006

Welcome to the world of software development. Every piece of software contains bugs and potential risks. Firefox is no different. I think the author of the article is just trying to scare people (or is seeking some attention).

preso Posted September 23, 2006

Few bugs in software are acceptable but 611 defects :P