Identification and Removal of Software Security Vulnerabilities Using Source Code Analysis: A Case Study on a Java File Writer Program with Password Validation Features

Provided by: Academy Publisher
Topic: Software
Format: PDF
The authors illustrate the use of source code analysis to identify and remove the following software security vulnerabilities: hardcoded password, empty password initialization, denial of service, system information leak, unreleased resource, and path manipulation. They propose one or more solution approaches to remove, or at least mitigate, each of these vulnerabilities, which have the potential to significantly impact the security of software programs if left unattended. In this paper, they conduct an exhaustive source code analysis of a file writer program, developed in Java and embedded with password validation features, to illustrate the hardcoded password and empty password initialization vulnerabilities.
