Re: Open Source Code Review
From: Roman Bogorodskiy (bogorodskiy_at_inbox.ru)
Date: 04/24/04
- Previous message: Bojidar Alexandrov: "Re: Delphi Auditing"
- In reply to: Angus: "Open Source Code Review"
- Next in thread: John Wilander: "Re: Open Source Code Review"
- Reply: John Wilander: "Re: Open Source Code Review"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 24 Apr 2004 21:03:26 +0400 To: Angus <angus_md@yahoo.com> "From: Roman Bogordskiy <bogorodskiy@inbox.ru>"
Angus wrote:
> Is anyone aware of any open source code review
> programs. I'd like to know if there are any that deal
> with all aspects of security, including but not
> limited to efficiency and breakin/overflow issues. In
> paticular, I'd like one for Coldfusion, however any
> others would be appreciated.
There are a lot of the so called source code scanners. The most
popular ones are:
splint (http://www.splint.org/),
flawfinder (http://www.dwheeler.com/flawfinder/),
its4 (http://www.cigital.com/its4/),
rats (http://www.securesw.com/rats/). But it's strongly recommended
you'll do manual inspection of your code.
-Roman Bogorodskiy
- application/pgp-signature attachment: stored
- Previous message: Bojidar Alexandrov: "Re: Delphi Auditing"
- In reply to: Angus: "Open Source Code Review"
- Next in thread: John Wilander: "Re: Open Source Code Review"
- Reply: John Wilander: "Re: Open Source Code Review"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
