Sure, but the point would be to see if the density was unusually high. If you keep walking to the edge of a cliff, eventually you are likely to fall off.
Per section 5.B of the paper:
Perform static analysis on source code to determine the likely number of latent vulnerabilities (e.g., using Coverity scan, RATS, or flawfinder); measures such as hit density could indicate more problematic software. A variant would be to report on densities of warnings when warning flags are enabled.