oss-sec mailing list archives
100 bugs in Open Source C/C++ projects
From: Eugene Teo <eugene () redhat com>
Date: Fri, 18 May 2012 10:40:41 +0800
Here's a long list of bugs found in numerous open source projects. I found it at http://www.gamedev.net/page/resources/_/technical/general-programming/100-bugs-in-open-source-cc-projects-r2886. I suspect some of them are security bugs. I am not sure if the author has filed any bugs, or contact any of the upstream projects. If you are in this list, please start looking at them. Apache HTTP Server - http://httpd.apache.org/ Audacity - http://audacity.sourceforge.net/ Chromium - http://www.chromium.org/ Clang - http://clang-analyzer.llvm.org/ CMake - http://www.cmake.org/ Crystal Space 3D SDK - http://www.crystalsp.../main/Main_Page Emule - http://www.emule.com/ FAR Manager - http://www.farmanager.com/ FCE Ultra - http://fceux.com/web/home.html Fennec Media Project - http://fennec.sourceforge.net/ G3D Content Pak - http://sourceforge.n...ojects/g3d-cpp/ IPP Samples - http://www.viva64.com/go.php?url=449 Lugaru - http://www.wolfire.com/lugaru Miranda IM - http://www.miranda-im.org/ MySQL - http://www.mysql.com/ Newton Game Dynamics - http://newtondynamic...orum/newton.php Notepad++ - http://notepad-plus-plus.org/ Pixie - http://www.renderpixie.com/ PNG library - http://libpng.org/pub/png/ QT - http://qt.nokia.com/products/ ReactOS - http://www.reactos.org/en/ Shareaza - http://www.shareaza.com/ SMTP Client with SSL/TLS - http://www.codeproje...P/smtp_ssl.aspx StrongDC++ - http://strongdc.sour...ex.php?lang=eng Swiss-Army Knife of Trace - http://www.codeproje.../tracetool.aspx TortoiseSVN - http://tortoisesvn.net/ Ultimate TCP/IP - http://www.codeproje...imateTCPIP.aspx VirtualDub - http://www.virtualdub.org/ WinDjView - http://windjview.sourceforge.net/ WinMerge - http://winmerge.org/ Wolfenstein 3D - http://en.wikipedia..../Wolfenstein_3D Crypto++ - http://www.cryptopp.com/ Quake-III-Arena - https://github.com/i...Quake-III-Arena And some others. Eugene -- Eugene Teo / Red Hat Security Response Team
Current thread:
- 100 bugs in Open Source C/C++ projects Eugene Teo (May 17)