Knowledge is not skill.
Knowledge plus ten thousand times is skill.
This chapter provides a set of exercises to complement the tools and material on the book’s companion CD, which contains a demonstration version of Fortify Source Code Analysis. Two tools are included on the CD: Fortify Source Code Analyzer (Fortify SCA) carries out the static analysis, and Audit Workbench assists an auditor with reviewing the resulting issues. The sample programs used in this chapter are all written in C. The exercises in the previous chapter are much alike, but all the sample programs are written in Java. The companion CD also contains a soft copy of this chapter to make it easier to work through ...