Questions tagged [code-review]
Questions about how to audit source code for security issues. Do note that requests for full code reviews are not on topic.
120 questions
2 votes · 2 answers · 162 views
Can modern AI tools provide any information about the true purpose of potentially malicious code?
A recent question of mine was closed, as I effectively requested code analysis. A comment said: If you want an analysis, you could pop it into something like chatgpt Is there any analysis (or ...
0 votes · 1 answer · 265 views
How to calculate CVSS score of a finding detected in the source code?
While I was doing source code review of API handlers for REST APIs, I found a security issue. This issue is that some methods have the annotation @PreAuthorize("permitAll()"). If I want to ...
33 votes · 1 answer · 6k views
Crashing the sha1() function in PHP?
I am working on the following war game from Defend The Web, which requires me to do a source code review to login as the user memtash. The code is on GitLab here. Here is my methodology: Reset the ...
1 vote · 1 answer · 925 views
How long would this take to bruteforce?
I am working on the following war game from Defend The Web, which requires me to do a source code review to login as the user memtash. The code is on GitLab here. Having inspected the source code ...
1 vote · 0 answers · 177 views
What are some effective strategies to pentest a native code library?
The vast majority of resources out there about penetration testing applications is about web and mobile applications; in some cases there are resources about so-called "native applications" ...
0 votes · 0 answers · 129 views
Use of JWT Token in open source project
I'm currently performing a code audit for an application that a company will release to the public as open-source in the next few days. In this application, they use a JWT token for authentication and ...
-1 votes · 4 answers · 418 views
Vendor Security Review. When is it overkill?
Looking for everyone's opinion here. One of my buddies was doing a vendor security review for a company that sells different types of software. The software allows you to create 3D models for home and ...
0 votes · 0 answers · 244 views
What tools/checklists can help determine the presence of malicious code in a database? MS SQL specifically
Consider a scenario, where your AV / EDR software has to exclude paths of database files as suggested by vendors to avoid affecting performance or stability issues. You want to review your database ...
1 vote · 1 answer · 820 views
Safe sharing source code with 3rd party for security review?
I work at a small software company, and we are working with another company that wants to use our software. However, their InfoSec team want us to have a 3rd party source code review completed, with ...
0 votes · 1 answer · 563 views
SQL injection and XSS prevention
I would kindly ask you to review the following code and tell me if it's enough to prevent most of SQL injection and XSS attacks. SQL injection: treated via PDO prepared statements; XSS: All user's ...
-1 votes · 1 answer · 668 views
What is the difference between "secure code review" and "secure static code analysis"?
What are the subtle differences in both - as one could say that both are almost the same... Static Code Analysis (also known as Source Code Analysis) is usually performed as part of a Code Review ...
3 votes · 1 answer · 3k views
Safe usage of Runtime.getRuntime.exec(String[])
I was reviewing code of an application that uses the following piece of Java code and wanted to know if the use of exec() was susceptible to command injection. public class FindFileInDir { ...
0 votes · 0 answers · 137 views
Counterintuitive remediation cost scale within SEI CERT Coding Guidelines for priority
The SEI CERT Coding Guidelines assign a priority to each rule, formed from the product of three factors: severity, likelihood, and remediation cost. Each of these three factors is assigned a value ...
86 votes · 6 answers · 20k views
How am I ever going to be able to "vet" 120,000+ lines of Composer PHP code not written by me? [duplicate]
I depend on PHP CLI for all kinds of personal and (hopefully, soon) professional/mission-critical "business logic". (This could be any other language and the exact same problem would still stand; I'm ...
0 votes · 1 answer · 4k views
What are things we look to find Access Control Database?
Currently working on the HP Fortify Access Control Database category. Source: userId = request.getParameter(Constants.USERID).trim(); Sink: pstm1.setString(3,userId.trim()); I saw the definition ...