14. Source Code Analysis Exercises for C

Knowledge is not skill.

Knowledge plus ten thousand times is skill.

SHINICHI SUZUKI

This chapter provides a set of exercises to complement the tools and material on the book’s companion CD, which contains a demonstration version of Fortify Source Code Analysis. Two tools are included on the CD: Fortify Source Code Analyzer (Fortify SCA) carries out the static analysis, and Audit Workbench assists an auditor with reviewing the resulting issues. The sample programs used in this chapter are all written in C. The exercises in the previous chapter are much the same, except that all of their sample programs are written in Java. The companion CD also contains a soft copy of this chapter to make it easier to work through ...

Get Secure Programming with Static Analysis now with the O’Reilly learning platform.