SSAS (E08) Lab Exercise on 10 OCT 2008
Tool Support for Implementation Audits
The goal of this lab is to familiarise you with the concept of tool
support for implementation audits. In particular you should download
such a tool and run it on one (or more) applications of your choice,
e.g., your web server implementation from the network part of the
course.
In particular you should:
- Download and install an audit tool (see below)
- Run the tool on an application of your choice (e.g., your own
  web server, your favourite open source project)
- Note the number of potential bugs found, what kinds of bugs are
  found, and where in the program they are found
- Follow up on a representative number of potential bugs reported:
  - Determine if the potential bug is real or not
  - If it is not a real bug:
    - Discuss why the tool reported it anyway
    - Discuss how the program could be changed so the tool
      would not report it
  - If it is a real bug, determine if it is exploitable:
    - If it is exploitable, describe potential consequences and
      further attacks
    - If it is not exploitable:
      - Discuss why the tool reported it anyway
      - Discuss how the program could be changed so the tool
        would not report it
      - Discuss how the program could be changed to make the
        bug exploitable
- Discuss the strengths/weaknesses/usefulness of such tools
Suggested Tools
For Java applications I highly recommend FindBugs or PMD. Both tools are open source
and relatively easy to get started with.
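As an added illustration of the follow-up steps above, here is a small Java class written for this note (it is not part of the handout, nor code from FindBugs or PMD). It shows a file-serving routine of the kind found in a student web server in two forms: the version an audit tool typically flags, where the request path is joined onto the document root without any check, and a hardened version that keeps the resolved file inside the root. The class name, the temporary directory layout and the two sample requests are all constructed for the demonstration.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

/**
 * Example for the lab (not from the handout): resolving a request path
 * against a web server's document root, unchecked and checked.
 */
public class StaticFileResolver {

    /** Vulnerable form: the request path is trusted, so "../" segments escape docRoot. */
    static File resolveUnchecked(File docRoot, String requestPath) {
        return new File(docRoot, requestPath);
    }

    /**
     * Hardened form: canonicalise the root, resolve the request relative to it,
     * collapse "." and ".." lexically, and require the result to stay inside the
     * root. Returns null for a request that would leave the document root.
     */
    static File resolveChecked(File docRoot, String requestPath) throws IOException {
        Path root = docRoot.toPath().toRealPath();
        Path target = root.resolve(requestPath.replaceFirst("^/+", "")).normalize();
        if (!target.startsWith(root)) {
            return null;  // traversal attempt: reject before touching the file system
        }
        return target.toFile();
    }

    public static void main(String[] args) throws IOException {
        // Constructed scratch layout: <tmp>/docroot/index.html plus a file one
        // level above the document root that the server must never serve.
        Path tmp = Files.createTempDirectory("ssas-lab");
        Path docRoot = Files.createDirectory(tmp.resolve("docroot"));
        Files.write(docRoot.resolve("index.html"), "<html/>".getBytes());
        Files.write(tmp.resolve("secret.txt"), "not for serving".getBytes());

        // A legitimate request and a traversal request, both as the server would see them.
        String[] requests = { "/index.html", "/../secret.txt" };
        for (String req : requests) {
            File unchecked = resolveUnchecked(docRoot.toFile(), req);
            File checked = resolveChecked(docRoot.toFile(), req);
            System.out.printf("%-16s unchecked -> %s (exists=%b)%n",
                    req, unchecked.getPath(), unchecked.exists());
            System.out.printf("%-16s checked   -> %s%n",
                    req, checked == null ? "REJECTED" : checked.getPath());
        }
    }
}
```

Run with `javac StaticFileResolver.java && java StaticFileResolver`. For the triage write-up, the unchecked variant is the "real and exploitable" case: the traversal request resolves to an existing file outside the root, so the consequence is that any file readable by the server process can be fetched. The checked variant is the change that removes the bug; whether your chosen tool stops reporting the location afterwards is exactly what the lab asks you to observe and discuss. One caveat for the report: normalize() handles ".." lexically only, so if the document root may contain symbolic links the target should additionally be canonicalised with toRealPath() and re-checked against the root.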