Vulnerability Development mailing list archives

Re: Research on Source Code Review -C

From: "Nicole Nicholson" <nanicholson () hotmail com>
Date: Wed, 11 Jun 2003 06:41:42 -0700

Dwar-

I don't know if you have looked at any of these sites. They actuallycontain tools & publications for source code analysis and review. You maybe able to use some of their literature and/or documentation to develop aset of guidelines.


http://www.cenzic.com/
http://www.cigital.com/
http://www.dwheeler.com/flawfinder/
http://www.securesoftware.com/

Cheers.

-Nicole


<snip>

Am looking to develop source code review guidelines for code written in
c/c++. I have found a few documents on the net but nothing that could be
really followed along to do source code review. I also wanted to know what
people in the field are actually doing and also if they could provide
first hand experience as to what all they look for and how.

_________________________________________________________________

The new MSN 8: advanced junk mail protection and 2 months FREE*http://join.msn.com/?page=features/junkmail

Current thread:

Research on Source Code Review -C dwar keeper (Jun 10)
- <Possible follow-ups>
- Re: Research on Source Code Review -C Nicole Nicholson (Jun 11)
- RE: Research on Source Code Review -C Marc Sherman (Jun 12)
- Re: Research on Source Code Review -C gil GUl (Jun 12)
- RE: Research on Source Code Review -C Ingevaldson, Dan (ISS Atlanta) (Jun 12)
- Re: Research on Source Code Review -C Steven M. Christey (Jun 16)