Showing 1 - 4 of 4 results for the Author - william snavely Secure Coding
In this paper, the authors describe automated repairs for three types of bugs: integer overflows, missing array bounds checks, and missing authorization checks.
This report describes recent enhancements to Droid Intent Data Flow Analysis for Information Leakage (DidFail), the CERT static taint analyzer for sets of Android apps.
In this report, the authors describe how the DidFail tool was enhanced to improve its effectiveness.
In this paper, the authors provide a suggested set of auditing rules and a lexicon for auditing static analysis alerts.