Coverity Enables Java-based ANTLR to Find and Fix Critical, Open Source Software Defects

SAN FRANCISCO, Sept. 19, 2013 /PRNewswire/ -- Coverity, Inc., the leader in development testing, today announced the results of its latest Coverity Scan™ Project Spotlight, which analyzed the ANTLR open source Java project, including defect density as compared to the industry average defect density for good quality software and types of defects identified.

ANTLR (ANother Tool for Language Recognition) is a powerful, Java-based parser generator for reading, processing, executing or translating structured text or binary files. The software, which is used to build languages, tools and frameworks, is downloaded more than 5,000 times per month and is used by a host of companies, including Apple, Oracle, Salesforce.com and Twitter. Although the ANTLR project only started using the Scan service in late August 2013, it has already leveraged the Coverity® development testing technology to find and fix 20 previously undiscovered, high- and medium-risk defects, including a resource leak and copy-paste error that could have caused a significant software crash in production.

Coverity expanded its free Coverity Scan service to include Java projects in May 2013, to help drive higher levels of software quality and security within the open source community. The Scan service uses Java analysis algorithms in the Coverity Development Testing Platform to find critical defects such as resource leaks and concurrency issues. The service also uses a highly-tuned version of the FindBugs static analysis tool, which is integrated into the Coverity platform, to identify coding standard and style issues. Since August 2013, the Coverity Scan service has analyzed 43,000 lines of ANTLR code and identified 171 defects.

"ANTLR is one of a growing number of Java open source projects that have joined the Scan service to help enhance code quality," said Jennifer Johnson, chief marketing officer for Coverity. "The ANTLR team has done an excellent job of addressing key defects in their code in the short time that they have been participating in the service, and we look forward to continuing to work with them to ensure that their Java code is of the highest quality, as well as to further expanding our engagement with the Java community."

Online Resources

• Download a copy of the Coverity Scan Project Spotlight for ANTLR
• Download a copy of the 2012 Coverity Scan Report
• Register your C/C++ or Java open source project for the Coverity Scan service

About Coverity Scan

In 2006, the Coverity Scan service was initiated with the U.S. Department of Homeland Security as the largest public-private sector research project in the world, focused on open source software quality and security. Coverity now manages the project, providing its development testing technology as a free service to the open source community to help them build quality and security into their software development process. Register your open source project for the Coverity Scan service, and follow us on Twitter to get the latest updates.

About Coverity

Coverity, Inc. (www.coverity.com), the leader in development testing, is the trusted standard for companies that need to protect their brands and bottom lines from software failures. More than 1,100 Coverity customers use Coverity's development testing platform to automatically test source code for software defects that could lead to product crashes, unexpected behavior, security breaches or catastrophic failure. Coverity is a privately held company headquartered in San Francisco. Coverity is funded by Foundation Capital and Benchmark Capital. Follow us on Twitter or check out our blog.

Coverity and Coverity Scan are trademarks or registered trademarks of Coverity, Inc. All other marks are the property of their respective owners.

SOURCE Coverity, Inc.