Defects Found With Coverity Static Analysis

Critical Defects

Concurrency

  • Deadlocks
  • Race conditions
  • Blocking call misuse

Performance Degradation

  • Memory leaks
  • File handle leaks
  • Custom memory and network resource leaks
  • Database connection leaks

Crash-Causing Defects

  • Null pointer dereference
  • Use after free
  • Double free
  • Improper memory allocations
  • Mismatched array new/delete

Incorrect Program Behavior

  • Dead code caused by logical errors
  • Uninitialized variables
  • Invalid use of negative variables

Improper Use of APIs

  • STL usage errors
  • API error handling

Security Vulnerabilities

Secure Coding Defects

  • Buffer overflows
  • Integer overflows
  • Missing/insufficient validation of malicious data and string input
  • Format string vulnerabilities
  • SQL injection attacks
  • Cross-site scripting attacks

Defect Implications

  • Total system compromise
  • Denial of service attacks
  • Privilege escalation
  • Leaking confidential data
  • Data loss
  • Arbitrary code execution

“Coverity’s software is built to handle the increasing complexity of maintaining quality of our ever-evolving and continually growing source code base to ensure that we deliver the best possible product to our customers.”
Oleg Kiselev
VERITAS distinguished engineer