Static code analysis v2

by Chief Technical Officer at Bysoft China on Aug 17, 2011

  • 1,808 views

Most of the time, auditing PHP code is done manually. One needs to read the code to understand it and find flaws (security, business, quality…).

Static analysis takes over from manual auditing by providing the means to search all the code, leaving no stone unturned; it still needs to be given direction.

During this session, we’ll cover the use of an open static analysis tool, also known as cornac, that will provide us with invaluable information such as: PHP 5.3 compatibility, security flaws, inclusion tree, unused variables and arguments, GPC manipulations, strange names and class inventories.

This is the best way to take a look at one’s code with hindsight. We’ll share with the audience code metrics and must-check structures of code.

Uploaded via SlideShare as Apple Keynote

Usage Rights

© All Rights Reserved

Static code analysis v2 Presentation Transcript