CSC 2045 Code Review Week 04

Questions and Answers

What is the typical review speed for code according to best practices?

  • 250-300 lines/hour
  • 100-150 lines/hour
  • 150-200 lines/hour (correct)
  • 200-250 lines/hour

Which type of code should be prioritized for review?

  • Code that is easily understandable
  • Code with minimal complexity
  • Code that has not changed recently
  • Code handling sensitive data (correct)

What is the purpose of the assert macro in C++?

  • To prevent all forms of runtime exceptions
  • To check for programming errors during debugging (correct)
  • To capture user errors during runtime
  • To handle network errors gracefully

Which of these bugs requires attention during a code review?

Answer: Off-by-one errors in loops (C)

What should unit test plans include?

Answer: A procedure to test code and expected outputs (B)

Which of these is a problem often encountered during code reviews?

Answer: Fallibility of human reviewers (D)

What type of problems are categorized as flaws in software development?

Answer: Subtle problems derived from design issues (A)

Which of the following is a primary goal of conducting a code review?

Answer: To identify coding defects for later removal (D)

What benefit does code review provide by finding defects earlier in the lifecycle?

Answer: Identifies bugs with less effort than traditional testing (D)

What is a key consideration during the code review process?

Answer: Establishing clear objectives and areas to focus on (B)

What is the primary purpose of a code review?

Answer: To improve code quality and promote learning (D)

Which of the following describes the typical frequency of code reviews in modern development practices?

Answer: With each small work unit ready for review (A)

Which of the following steps is NOT part of the typical code review workflow?

Answer: Create new code during the review (D)

What is the primary benefit of manual security code review compared to automated tools?

Answer: It can provide context and risk assessments. (A)

Why do many software developers create vulnerabilities in their code?

Answer: They lack education on software weaknesses. (C)

Why is it recommended for code authors to use a code review checklist before sending their code for review?

Answer: It helps authors catch important issues and think critically about their changes. (B)

What should a code reviewer focus on according to best practices in code reviews?

Answer: Addressing larger structural or logical problems before minor issues. (B)

What is a key benefit of using a code review checklist for code reviewers?

Answer: It directs reviewers to the most impactful issues in the code. (A)

What is the primary reason the review team should understand the business purpose of the application?

Answer: To guide the search for serious vulnerabilities (D)

Which source of information is considered the most effective for starting a security code review?

Answer: Conversations with developers and architects (B)

How can security review teams build trust with the development team?

Answer: By treating them as partners in the review process (B)

What is a significant challenge typically faced during the information gathering phase of a code review?

Answer: Documentation is often out of date and inadequate (B)

Why is it important for the reviewer to verify that key risks have been properly addressed?

Answer: To confirm that security controls are functioning adequately (D)

Which of the following best describes the role of the code author in the review process?

Answer: To work on feedback until all parties are satisfied (A)

Which two stakeholders are typically involved in the code review process?

Answer: The code authors and the code reviewers (D)

What is the purpose of the function add2Nums in the code?

Answer: To add two large numbers represented as strings (D)

What does the variable 'total' represent in the main function?

Answer: The sum of all numbers read from the file (A)

In the code, what is the role of the 'carryOver' variable within the addition logic?

Answer: It holds values that need to be added to the next digit (B)

What would happen if the input file 'numbers.txt' does not exist?

Answer: The program will throw a runtime error and terminate (D)

What does the loop condition 'while(!in.eof())' ensure?

Answer: The loop reads data until the end-of-file marker is reached (D)

Flashcards

Bugs

Problems introduced during software implementation. They are usually easier to find and fix.

Flaws

Problems that occur at a deeper level in the software design. They're more subtle and difficult to spot.

Code Review

The process of reviewing source code to identify potential coding issues. It involves someone other than the original coder looking for defects.

Why Perform Code Review?

The main reason to perform code review is to find and fix potential coding issues early in the development cycle.

Benefits of Code Review

It is recommended and often done to catch issues early in the development cycle. This approach finds defects more easily and expeditiously, often in less time and resources compared to testing.

Formal Code Review

A common code review technique involving a structured approach to finding defects in code. It often involves a checklist or guidelines to ensure a thorough review.

Code Review and Security

Code review can help educate developers about common security mistakes and vulnerabilities. This helps developers improve their security knowledge and awareness.

Code Review: A Summary

Code review is a beneficial practice that involves a thorough examination of source code to identify potential issues and defects. It's a collaborative approach with multiple perspectives, and helps to improve code quality.

Code Review Checklist

A list of common coding practices and potential issues to look for during a code review.

Prioritizing Code Review

Prioritizing which code to review based on its security risk and potential impact.

Unit Testing

A type of testing that focuses on verifying the functionality of individual components of a program.

Unit Test Plan

A detailed plan outlining how to test a piece of code, including inputs, expected outputs, and test procedures.

Assert Macro

A debugging macro in C++ that checks a condition. If the condition is false, it prints an error message and aborts the program.

Integrating Code Review

The process of integrating code review into the software development lifecycle.

Review Feedback

Providing feedback on code reviews can motivate students to provide more detailed and helpful reviews, and also helps them learn from their mistakes.

Resubmission

Allowing students to resubmit their work after receiving feedback encourages them to apply the feedback and improve their code.

Review Feedback Benefits

Students who receive feedback on their reviews learn how to give effective feedback and understand the importance of constructive criticism.

Minimizing Plagiarism

Students reviewing code can inadvertently plagiarize good ideas. To minimize this, assign different, open-ended projects.

What is a code review?

The process of inspecting source code to identify potential issues and improve code quality.

What is over-the-shoulder code review?

A quick, informal review where one developer asks another to look over their code.

What is a code review cadence?

The practice of reviewing code when a smaller unit of work is completed, such as daily or weekly.

What is code analysis in code reviews?

The step in code review where the reviewer carefully examines the code for issues such as bugs, security vulnerabilities, and coding style violations.

What is giving feedback in code reviews?

The final step where the reviewer provides feedback to the developer, pointing out potential improvements and suggesting changes.

Cost-Effectiveness of Code Review

The cost of identifying security vulnerabilities during code review is significantly lower compared to dealing with them later in the development lifecycle.

Code Review for Developer Training

Code review can be a powerful tool for teaching developers best practices and raising their awareness about security weaknesses.

Insecure Code Visibility

Due to the complex nature of software, it is often difficult to distinguish between secure and insecure code, which can lead to buyers not being willing to pay more for secure software.

Technology Outpacing Security

The ability to develop new technologies has outpaced our ability to secure them, leading to an increase in vulnerabilities in modern software.

Code Author Review

This includes running through the same code review checklist yourself before sharing your code with others, catching potential issues early.

Threat Model

A structured analysis of an application's security risks, identifying vulnerabilities and potential attack vectors. It considers the application's business purpose, threat agents, their motivations, and potential attacks.

Information Gathering (Discovery)

Gathering information about the application's purpose, critical business impacts, threat agents, and potential attacks to create a comprehensive threat model.

Collaborative Code Review

A collaborative approach where reviewers work alongside developers, business representatives, and other stakeholders to identify and address security issues in the code.

Trusted Advisor Role

Building trust with development teams by acting as advisors rather than auditors, fostering a culture of collaboration and shared responsibility for security.

Early Stage Security Review

Integrating security reviews early in the development lifecycle, ideally during the design phase, to proactively address potential security concerns.

Code Review Feedback

Providing detailed and constructive feedback on a code change to help the author improve their code.

Code Author

The developer presenting their code for review, open to feedback and willing to address any issues or suggestions raised by the reviewer.

Code Review Challenges

Challenges that can hinder productive code reviews due to factors such as unclear requirements, inadequate communication, or inconsistent standards.

strRevToArray(const std::string& str, int num[])

A function that reverses a string and stores it in an integer array.

add2Nums(const std::string& str1, const std::string& str2)

A function that adds two large numbers represented as strings.

while(!in.eof())

A loop that reads numbers from a file and adds them to a running total using the add2Nums function.

add2Nums(const std::string& str1, const std::string& str2)

A function that adds two arrays of digits, handling carry-over.

for(int i = max; i >= 0; i--)

A loop that extracts digits from the result array and constructs the final answer string.

Study Notes

CSC 2045 Code Review

  • Objectives: Conduct thorough source code analysis using various tools and techniques; describe the purpose and process of a code review; and describe common security vulnerabilities in the course programming language.

Agenda: Week 04

  • Vulnerabilities in Software: Bugs (problems introduced during implementation, easily discovered and corrected, e.g., buffer overflows, race conditions, unsafe system calls, incorrect validation); Flaws (problems at a deeper level, more subtle, originated from design and instantiation in code, e.g., compartmentalization, error-handling, broken access control).

  • Teaching Code Review: Read the article: https://www.eduflow.com/blog/teaching-code-review-to-university-students; Reflect on your top takeaway.

  • Introduction to Code Review: Inspection of source code by someone other than the author to identify coding defects for later removal. Focus on identifying defects and helping improve code quality. Read the article: https://wiki.owasp.org/index.php/Code_Review_Introduction. Browse: https://www.awesomecodereviews.com/fundamentals/code-review.

  • Benefits of Code Review: Find defects earlier in the lifecycle; IBM finds 82% of defects before testing; Defects found with less effort than testing (IBM: 3.5 hrs/defect, testing: 15–25 hrs/defect); Identify different defects than testing; Identify design and requirement problems; Educate developers about security bugs; Developers frequently repeat the same mistakes.

  • Code Review Preparation: Read the OWASP article: https://wiki.owasp.org/index.php/Code_Review_Preparation, including: Laying the Groundwork, Before We Start, Discovery: Gathering the Information, Context, Context, Context, and The Checklist. Students should browse: https://www.awesomecodereviews.com/checklists/code-review-checklist.

  • Code Review Considerations: Know your limits (typical review speed is 150–200 lines/hour); Know what bugs to look for (checklists and static analysis tools). Problems include needing substantial expertise in programming and security; human errors; slow reviews of legacy code. Understand the time commitment required for effective code reviews.

  • Prioritizing What Code To Review: Code accessible without authentication, code with a history of vulnerabilities, code that handles sensitive data, complex code, code that changes frequently.

  • What To Look For & Giving Feedback: Bugs/Potential bugs (repetitive code, disagreements between code and spec, off-by-one errors, global variables, optimistic/un-defensive programming, magic numbers, inconsistent style, poor variable names); unclear, messy code (bad variable/method names, inconsistent indentation, too much on one line, trivial comments, multiple purposes for variables, lack of documentation). Students can browse: https://www.youtube.com/embed/NNXk_WJzyMI?si=Lh-LHmqHxg. Use the provided URLs for additional resources.

  • Best Practices For Code Review: Enhance software security through structured design, code inspection, peer review; integrate code review into the software development process; Meet with developers, determine if code meets secure code development criteria, consider coding standards, code review checklists, and inspect code comments/documentation/unit test plans/security requirements. Students should browse: https://www.awesomecodereviews.com/best-practices/code-review

  • Testing: Unit test plans should include how to test the code; demonstrate that the code meets security requirements and design/coding standards; include a test procedure, inputs, and expected outputs. Students should browse: https://best-practice-and-impact.github.io/qa-of-code-guidance.

  • Assert Or Not To Assert (C++): The assert macro is a debugging aid that prints an error message and aborts the program when its condition is false; it is designed to catch programming errors, not run-time errors, and is usually disabled after debugging. Your member functions should not use assert to validate user interaction; instead, return a bool (true if valid, false if not). Students can browse: https://pythontutor.com/visualize.html#code=%23include%20%3eck.

  • Example: Zune Infinite Loop: A provided C++ example demonstrates a potential infinite loop in the Zune software, resulting from flawed logic in year calculation—specifically, an error when checking leap years in a while loop. Students can browse: https://leancrew.com/all-this/2009/01/leap-year-and-the-zune.
