Essays about: "static source code analysis"

Showing result 1 - 5 of 43 essays containing the words static source code analysis.

  1. 1. Filtering False Positive Alarms in JavaDL and Language Experience Report

    University essay from Lunds universitet/Institutionen för datavetenskap

    Author : Karl-Oskar Rikås; Frank Weslien; [2021]
    Keywords : static program analysis; alarm filtering; feature engineering; Technology and Engineering;

    Abstract : JavaDL is a domain-specific language (DSL) for writing static program analyses in a declarative logic programming style, based on Datalog. The key feature of this DSL is the ability to pattern-match on literal source code syntax and reason non-locally through declarative programming. READ MORE

  2. 2. Security smells in open-source infrastructure as code scripts : A replication study

    University essay from Karlstads universitet/Handelshögskolan (from 2013)

    Author : Andreas Hortlund; [2021]
    Keywords : infrastructure as code; security; Ansible; Puppet; static code analysis; security smells;

    Abstract : With the rising number of servers used in productions, virtualization technology engineers needed a new a tool to help them manage the rising configuration workload. Infrastructure as code(IaC), a term that consists mainly of techniques and tools to define wanted configuration states of servers in machine readable code files, which aims at solving the high workload induced by the configuration of several servers. READ MORE

  3. 3. Implementation and Evaluation of an Emulated Permission System for VS Code Extensions using Abstract Syntax Trees

    University essay from Linköpings universitet/Programvara och system

    Author : Åström David; [2021]
    Keywords : Visual Studio Code; Extensions; Permissions; Static Analysis; Abstract Syntax Trees;

    Abstract : Permission systems are a common security feature in browser extensions and mobile applications to limit their access to resources outside their own process. IDEs such as Visual Studio Code, however, have no such features implemented, and therefore leave extensions with full user permissions. READ MORE

  4. 4. Automated secure code review for web- applications

    University essay from KTH/Skolan för elektroteknik och datavetenskap (EECS)

    Author : Sadeq Gholami; Zeineb Amri; [2021]
    Keywords : automated code reviewing tools; CodeQL; Semgrep; code review; security vulnerabilities; webapplications; automatiserade kodgranskningsverktyg; CodeQL; Semgrep; kodgranskning; säkerhet sårbarheter; webbapplikationer;

    Abstract : Carefully scanning and analysing web- applications is important, in order to avoid potential security vulnerabilities, or at least reduce them. Traditional code reviewing methods, such as manual code reviews, have various drawbacks when performed on large codebases. READ MORE

  5. 5. Vulnerability assessment of source codeanalysis tools for memory corruptionvulnerabilities a comparative study

    University essay from

    Author : Johan Tejning; [2021]
    Keywords : ;

    Abstract : Background. One of the main reasons for memory corruption vulnerabilities lies in the lack of built in safety measures for the C/C++ programming language which is often time used to develop performance critical software. READ MORE