Question:
Using FindBugs

Description: Locating and fixing software defects (bugs) is one of the most expensive tasks involved in software development. Because of this, software projects benefit greatly from tools that can automate the process of locating them. This is often accomplished using a technique called "static analysis", which examines the software and extracts useful knowledge from it. One such popular static analysis tool for Java programs is FindBugs. FindBugs examines the byte code of compiled Java classes for well-known "bug patterns" that indicate possible defects and reports them with detailed information about the pattern it detected and why it may be a problem. FindBugs has an extensive database of these bug patterns and is quite good at locating hidden problems within even mature codebases.

Task: For this exercise we will have FindBugs analyze one version of a software of your choice, preferably the one you have used in the previous assignment. You will then be asked to provide some detailed analysis of the generated report and to offer up a proposed fix for the identified bug:

1. Install the Eclipse plug-in for FindBugs.
2. Run FindBugs on the input code of your choice.
3. Pick 10 issues of different types.
4. Create a report and, for each issue, add to the report:
   1. The type of issue
   2. Whether it is a false or a true positive
   3. If it is a true positive, what are the necessary steps to fix it?
   4. How long it took you to check it / fix it.
5. Add to the report a concise comment about your experience with FindBugs (positives, negatives, other comments).
Principles Of Information Security
ISBN: 9780357506431
7th Edition
Authors: Michael E. Whitman, Herbert J. Mattord
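
To make the "type of issue / true positive / steps to fix" entries in the report concrete, here is an added example that is not part of the original question: a constructed class (TokenStore and its methods are hypothetical) with three defects that match bug patterns from the FindBugs pattern list, each next to its fix. Whether a given FindBugs version and configuration reports each one is an assumption.

```java
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Arrays;

// Constructed sample class for illustration; not taken from any real project.
public class TokenStore {
    private final byte[] secret;

    public TokenStore(byte[] secret) { this.secret = secret.clone(); }

    // Pattern family ES_COMPARING_*_WITH_EQ: == compares references, so an
    // equal role string built at run time does not match the literal.
    public static boolean isAdminFlagged(String role) {
        return role == "admin";
    }
    // Fix: compare contents; putting the constant first also tolerates null.
    public static boolean isAdminFixed(String role) {
        return "admin".equals(role);
    }

    // EI_EXPOSE_REP: callers receive the internal array and can modify it.
    public byte[] secretFlagged() { return secret; }
    // Fix: hand out a defensive copy.
    public byte[] secretFixed() { return secret.clone(); }

    // OS_OPEN_STREAM: the reader is never closed.
    // DM_DEFAULT_ENCODING: FileReader uses the platform default charset.
    public static String firstLineFlagged(String path) throws IOException {
        BufferedReader r = new BufferedReader(new FileReader(path));
        return r.readLine();
    }
    // Fix: try-with-resources closes the reader; the charset is explicit.
    public static String firstLineFixed(String path) throws IOException {
        try (BufferedReader r = Files.newBufferedReader(
                Paths.get(path), StandardCharsets.UTF_8)) {
            return r.readLine();
        }
    }

    public static void main(String[] args) {
        // Same contents as the literal, but a distinct object.
        String role = new StringBuilder("adm").append("in").toString();
        System.out.println(isAdminFlagged(role) + " vs " + isAdminFixed(role));
        TokenStore store = new TokenStore(new byte[] {1, 2, 3});
        store.secretFlagged()[0] = 9; // mutates the store's internal state
        System.out.println(Arrays.toString(store.secretFixed()));
    }
}
```

Running `main` shows why the first two findings are true positives: the flagged comparison rejects a role string with the right contents, and the write through `secretFlagged()` changes the stored secret.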