SoftwareSecurity2013/Group 42/Code Scanning

Revision by Erik Poll on 7 Jul 2013 at 09:59

Below are the results of running automated source code analysis tools on MediaWiki version 1.21.1. We chose Fortify and RIPS as our source code analysis tools. Results are grouped by analysis tool, in that order. Only the results relevant for ASVS V5 - Input validation are given, and only a small subset of those results is listed. The subset was taken randomly from the results. (Erik: Fine to consider only a subset, of course, but you could say how many out of how many you looked at, to get an impression of the overall number.)


Fortify


RIPS