I don't think 70% of bugs are memory safety issues. In my experience it's closer to 5%.

mgaunard • last Thursday at 10:17 AM • 6 replies • view on HN

I don't think 70% of bugs are memory safety issues.

In my experience it's closer to 5%.

Replies

cogman10 • last Thursday at 1:25 PM

I believe this is where that fact comes from [1]

Basically, 70% of high severity bugs are memory safety.

[1] https://www.chromium.org/Home/chromium-security/memory-safet...

➕ show 2 replies

stonemetal12 • last Thursday at 8:07 PM

Using the data provided, memory safety issues (use-after-free, memory-leak, buffer-overflow, null-deref) account for 67% of their bugs. If we include refcount It is just over 80%.

IshKebab • last Thursday at 3:31 PM

70% of security vulnerabilities are due to memory safety. Not all bugs.

tester756 • last Thursday at 1:28 PM

That's the figure that Microsoft and Google found in their code bases.

redeeman • last Thursday at 12:33 PM

probably quite a bit less than 5%, however, they tend to be quite serious when they happen

➕ show 1 reply

nibman • last Thursday at 11:52 AM

[dead]

alt Hacker News

Replies