The prevalent open-source version of the Apache Web server stacks up well with commercial Web servers in terms of the number of code defects, according to a study by Mountain View, Calif.-based automated software inspection service provider Reasoning Inc.

Reasoning recently inspected Apache V2.1 and compared it with other commercial Web servers that were at a similar stage of their development and found 31 code defects in 58,944 lines of code for a defect density of 0.53 per thousand lines of code. Commercial Web servers have a defect density of 0.51 per thousand lines.

Using its homegrown proprietary automated inspection software and processes for Java and C and C++ applications, Reasoning inspected the Apache code looking for memory leaks, NULL point dereference defects, bad deallocation, out-of-bounds array access and uninitialized variables. Reasoning found 29 instances of NULL point dereferences where expressions dereference a NULL pointer; the company also found two instances of uninitialized variables where a variable was not initialized prior to use.

[ Read more ]

Related items

• Review: Apache Server 2.0: The Complete Reference (2 May 2003)
• Article: Interview with Scott Hawkins, author or "Essential Apache for Web Professionals" (15 April 2003)
• Review: Essential Apache for Web Professionals (3 April 2003)
• Review: Apache Administrator's Handbook (16 January 2003)
• Article: Apache Chunk Handling Roundup (18 June 2002)