Hello! Sadly no answer from Klocwork... Ok, what do you think about Coverity? I mean this one http://scan.coverity.com/ It could be a good addition to this https://www.google-melange.com/gsoc/project/google/gsoc2013/alex_animux/76001
Radare2 is already scanning by Coverity (a few days). Best regards, Anton Kochkov. On Fri, Apr 12, 2013 at 1:32 PM, Антон Кочков <[email protected]> wrote: > Good day! > > As I did not get a reply to my message from April 3rd I am trying it again. > > Is it possible to add the coreboot project https://www.coreboot.org to your > free analysis of FOSS projects? > > As an alternative to the BIOS and UEFI, coreboot and its payloads need and > want to be as secure as possible to also outdo UEFI in the security aspect. > So code analysis to find out any issues would help coreboot very much. > > Here is the code > > git clone http://review.coreboot.org/p/coreboot.git > > Under the directory `payloads/` there are some programs which are started > after coreboot has finished. Under the directory `util/` there are several > utilities needed for image creation or for board porting. > > As a build system, a customized Kconfig is used and there is also the build > tool named abuild.. > > If you have any question, please do not hesitate to ask us. Either on our > mailing list http://www.coreboot.org/Mailinglist or myself. > > The coreboot project and I hope, you are going to help us and are looking > forward to what you are going to find. > > > Best regards, > > Anton Kochkov. > > > PS: If you know any students interested in low level stuff please tell them, > that coreboot is participating in Google Summer of Code 2013 > http://www.coreboot.org/GSoC . > -- coreboot mailing list: [email protected] http://www.coreboot.org/mailman/listinfo/coreboot
