1. AC Question's Avatar
    Hi,
    I have query regarding Static code Analysis Tools.
    I have got a report from HP's Fortify tool which does static analysis on the source code. It has highlighted vulnerabilities in following areas :
    Security :
    - Path Manipulation
    - Unreleased Resource : Streams
    The source code is not mine, I got it from some other firm.
    The challenge is what HP's Fortify tool scan reported as mentioned above, when trying to scan with other tools on same source code, like FindBugs -> or by lint its not giving these errors. In fact they are not showing any issues under security.
    It will be good if you guys can suggest any promising free tool for static code analysis which should give report similar to what HP Fortify gives in terms of security.
    Note : I do not have access to HP's Fortify tool so in order to validate my fixes against the reported issues, I need the similar kind of free tool, which can do the job.
    I have already visited these forums and checked, did not find much help.
    -MobileSecurityWiki and ashishb->android-security on github
    Thanks!
    06-30-2016 01:14 AM

Similar Threads

  1. Replies: 0
    Last Post: 06-30-2016, 01:07 AM
  2. My Samsung S5 is about to reset, how can I avoid this.
    By AC Question in forum Ask a Question
    Replies: 0
    Last Post: 06-29-2016, 11:34 PM
  3. Why cant I move my game to SD card?
    By AC Question in forum Ask a Question
    Replies: 1
    Last Post: 06-29-2016, 11:23 PM
  4. how to do a factory reset on a droid maxx
    By AC Question in forum Motorola Droid MAXX
    Replies: 1
    Last Post: 06-29-2016, 11:22 PM
  5. how to do a factory reset on a droid maxx
    By AC Question in forum Ask a Question
    Replies: 1
    Last Post: 06-29-2016, 11:22 PM
LINK TO POST COPIED TO CLIPBOARD