Secure Code Review 7.x-1.x-dev
File ID: 100760






Download Secure Code Review 7.x-1.x-dev: http://drupal.org
License: Freeware
File Size: 20.5 KB
Downloads: 10
Secure Code Review 7.x-1.x-dev Description
Description: The long name for this project could be: Static Code Analysis for Security Vulnerabilities.

Goal

From the abstract to the related project in the 2010 Google Summer of Code:
The goal of this module is to develop automated tools to assist with security reviews of Drupal module code. The tools will be built atop the grammar parser library and its code manipulation API (CMAPI). The project may also involve extending and enhancing the CMAPI to support the security review tools. The code manipulation API provides tools for traversing, searching and modifying a code snippet. This foundation should prove useful to the development of a security review engine.

Description

This module utilizes the Coder Upgrade framework and the Grammar Parser library to conduct a secure code review of a source code file based on its grammar. The review code is structured as custom routines fitting into the Coder Upgrade API. The routines are invoked by Coder Upgrade to review function calls and functions for secure code vulnerabilities. The module also utilizes the growing API for code searching, traversal and manipulation (e.g., getting, setting, inserting and deleting parameters to a function call) provided by the Grammar Parser library to review source code in a precise and programmatic fashion. Because Coder Upgrade utilizes the familiar Drupal hook system to invoke routines, other modules may enhance or modify the routines provided by this module. Contributed modules that define an API can develop vulnerability review routines that would enable other contributed modules relying on that API to review their code.

The module outputs a log file indicating the code file, item reviewed (function call or routine), line number and a description of the potential vulnerability.

This project was part of the 2010 Google Summer of Code.

This project is sponsored by Boombatower Development.



O/S: BSD, Linux, Solaris, Mac OS X




More Similar Code

Crystal REVS has the best code review, edit and visualization tools. It provides Flowcharts, Tokens Panel, Comment Generator, Auto-Formatting in real time.



Pau Code Review is a light weight code review tool. The emphasis of this project is to create the artifacts required for a code review without forcing a specific code review process on the user.



Code Review Bundle contains two separate tools: Review Assistant and Code Compare. Code Compare adds value to Review Assistant when tools are used together. Review Assistant is a code review plugin for Visual Studio. This tool helps you to create...



Provides an abstracted client-server model and plugin API for performing distributed operations such as code review and testing. Currently the project focuses on supporting Drupal development, but due to the extent of the code abstraction it can...



Review Assistant is a code review plugin for Visual Studio. The code review tool allows creating review requests and responding to them without leaving Visual Studio. Review Assistant supports TFS, Subversion, Git, Mercurial, and Perforce.



Review Assistant is a code review plug-in for Visual Studio. The code review tool allows creating review requests and responding to them without leaving Visual Studio. Review Assistant supports TFS, Subversion, Git, Mercurial, and Perforce. Key...



AgileReview - A OneClick Code Review Eclipse Plugin



VCG is an automated code security review tool for C++, C#, Java and PL/SQL which is intended to drastically speed up the code review process by identifying bad/insecure code.

It has a few features that should make it useful. In addition...



svncr, abbreviated "subversion code review tool" uses svn to give you a blame, log and diff all in one report. It is a diff format report that can get split out by filter that matches to log messages and code.



Main goals of this library:
* light, understandable, ergonomic and fast;
* only useful things for John Doe or Jane Doe C programmers;
* produce secure code...
