Finding Security Issues Tutorial
Luke O'Malley edited this page Feb 16, 2018 · 5 revisions
- Follow the setup instructions.
- Fork the sample project, "dangerous-c", to your personal GitHub account.
- Check out the repo locally into the folder that's shared into your VM.
- Look through the issues on the "dangerous-c" security analysis page. R2C is providing infrastructure and tooling to show the results of a bunch of analysis tools on all of the target projects in the hackathon repository.
- Pick one of the issues that's highly upvoted and look at the locations in the code where the issue stems from.
- Now go back to the code base, find and fix the issue, and commit it to your fork.
- Open a pull request with your changes against the original project.
- Automated tooling will run and verify that your commit fixes the issue that you identified. Yay!