“In theory there is no difference between theory and practice. In practice there is.”
This chapter provides a set of exercises to complement the tools and material on the book’s companion CD, which contains a demonstration version of Fortify Source Code Analysis. Two tools are included on the CD: Fortify Source Code Analyzer (Fortify SCA) carries out the static analysis, and Audit Workbench assists an auditor with reviewing the resulting issues. The companion CD also includes a soft copy of this chapter to make it easier to work through the exercises on your computer.
The sample programs used in this chapter are all written in Java. The exercises in the following chapter are much like ...