Thanks Karen, that site may have enough of what I can use. Still a
bit of work to do, but worth pursuing. The other sources were a bit
too short on the snippets side, which is my fault for not making the
question better.
I don't know how many of you used to read the C-Lint ads that said
See here:
http://suif.stanford.edu/~livshits/work/securibench-micro/
-Ben
From: sc-l-boun...@securecoding.org [mailto:sc-l-boun...@securecoding.org] On
Behalf Of Goertzel, Karen [USA]
Sent: Wednesday, May 06, 2009 12:40 PM
To: Brad Andrews; sc-l@securecoding.org
Subject: Re: [SC-L] Insecure
Brad, I recommend you approach this problem in reverse. Think of the
bug you want people to hunt for and then put together an appropriate
regular expressions in Google Code Search
(http://www.google.com/codesearch)
For instance lang:java request getParameter .*price might be a good
starting
At 12:47 PM -0500 5/7/09, Brad Andrews wrote:
Quoting ljknews ljkn...@mac.com:
At 5:49 PM -0500 5/6/09, Brad Andrews wrote:
Try a few of the PC-Lint bugs, if you ever wrote C/C++ code.
They can be really hard to figure out,
And yet people keep choosing those programming languages.