8
votes
4 answers
3k views

Any useful tools for Android source code review? [closed]

I'm wondering if anyone has some recommendations for Android source code review which is Java based. For example, reviewing an Android app for security issues. Bonus for being F/OSS. Fortify seems ...
8
votes
4 answers
394 views

What Checkstyle or Findbugs rules detect common vulnerabilities?

Looking for experience with both built in and custom checks. I do not need references to commercial source code analysers.
6
votes
4 answers
907 views

Is there a real risk of exploitation in Java code where a null pointer is dereferenced?

I'm playing with some generally well written and parsed Java code, but there are some oddities thrown up by my code scanning tool. I know a null pointer dereference can crash a program, but assuming ...
4
votes
3 answers
272 views

How to rate Open Source Libraries?

Is there some kind of automated scanning tool which detects threats in Open Source Java Libraries? I think the OWASP Orizon project tried to build such a tool, but it seems to be inactive for years ...