Introduction to Code Auditing
Software code auditing is a project in programming that examines source code with the aim of identifying errors, security vulnerabilities, or violations of programming conventions. It is a defensive programming paradigm that attempts to reduce errors before software is released. C, C++, and php source codes are the most common audited codes because many high-level languages, such as Python, have fewer potentially vulnerable functions (for example, functions that do not check boundaries) - Wikipedia
CodeAudit is to check and analyze the source code of a program one by one based on the program's functions and key business operations that have been understood, identify common security vulnerabilities and business logic issues that may arise in the source code, and provide code modification suggestions or solutions.

Code auditing technology
Code inspection is the most commonly used technical means in code auditing work. In practical applications, it is carried out in the form of "automatic analysis + manual verification". The usual inspection items include: the open-source framework used by the system, source code design, improper error handling, direct object references, resource abuse, API abuse, backdoor code discovery, etc.
The risk points in the following code can usually be identified:
Cross-site scripting vulnerabilities, cross-site request masquerading vulnerabilities, SQL injection vulnerabilities, command execution vulnerabilities, log forgery vulnerabilities, parameter tampering, plaintext password storage, configuration file defects, path operation errors, resource management, unsafe Ajax calls, system information leakage, residual debug programs, third-party control vulnerabilities, file upload vulnerabilities, remote command execution, remote code Execution, unauthorized download, and authorization bypass vulnerabilities.
Environmental deployment
Regarding the deployment of the source code audit working environment, in fact, if the audit is conducted for the client's code in the form of a service, the audit environment is generally relatively complex and may encounter several situations:
The most ideal environment is when the client provides the code along with the corresponding testing environment. In this way, black-box and white-box audits can be conducted, which can enhance the efficiency and coverage of audits.
2. Only provide the project source code. You need to sort out the architecture of the entire project source code by yourself and read through all the key codes. The time cost is relatively high, but you can thoroughly understand the entire project source code and discover high-quality vulnerabilities.
3. Only providing source code snippet. In this case, it is first necessary to communicate with the client whether the complete project source code can be provided. Otherwise, it will to some extent affect the integrity of the source code audit, because some functional code snippet may not be able to find the called interface functions, and the business logic code cannot be traced.
So, for the client's code auditing service, there is basically no situation of setting up an environment because they do not provide a database, and it cannot be run even if they want to.
Common tools for code auditing

Preparatory work for code auditing
It is necessary to confirm the latest source code version with the customer
2. The client needs to prepare the code audit environment after entering the site. Should we provide our own computer for the audit or conduct the audit on the client's dedicated computer
3. If it is a dedicated computer, office or wps, a code editor and IDE tools need to be installed on the computer, and a code auditing tool should be deployed at the same time
4. It is necessary to provide relevant requirement documents and design documents of the audited system to help auditors understand the business and conduct in-depth audits in the business
5. It is necessary to inform the development team in advance and explain the code structure to the auditors, which can facilitate their quick entry into the auditing work
Code audit process
1. The customer provides the source code and signs a "Confidentiality Agreement"
After the source code deployment is completed, the source code is automatically audited through professional code auditing tools
3. Based on the results of the scanned source code, manually review the exposed common vulnerabilities and logical vulnerabilities, and delete the false positive vulnerabilities
4. Submit code snippets and code audit reports

Test cycle
The evaluation cycle is generally about 15 working days, but it may vary depending on the number of codes and the scale of the project. If the code rectification is not timely or involves third-party programs, the time is hard to say. The most uncertain factor in the evaluation cycle is the code rectification. The faster the rectification, the faster the conclusion. Therefore, if the user unit wants to end it as soon as possible, it must promptly implement and complete the code rectification.
The materials provided
"Application Form for Software Entrusted Testing"
"Source Code
Task books, contract books, application materials, etc
Constraint conditions
Sign the "Software Testing Entrustment Contract" and the "Confidentiality Agreement
Output
"Software Test Acceptance Report"
Service area
Beijing, Shanghai, Tianjin, Chongqing, Liaoning Province, Heilongjiang Province, Jilin Province, Guangdong Province, Hainan Province, Fujian Province, Hunan Province, Sichuan Province, Chongqing Municipality, Guizhou Province, Yunnan Province, Guangxi Province, Hubei Province, Henan Province, Shandong Province, Gansu Province, Xinjiang Province, Xizang Autonomous Region, Hebei Province, Shaanxi Province, Shanxi Province, Zhejiang Province, Jiangsu Province and other regionsEqual Protection AssessmentReport.
