Software Security analysis, static and dynamic testing in java and C environment, a comparative study

Abstract: The main stretch in the paper is buffer overflow anomaly occurring in major source codes, designed in various programming language. It describes the various as to how to improve your code and increase its strength to withstand security theft occurring at vulnerable areas in the code. The main language used is JAVA, regarded as one of the most object oriented language still create lot of error like stack overflow, illegal/inappropriate method overriding. I used tools confined to JAVA to test as how weak points in the code can be rectified before compiled. The byte code theft is difficult to be conquered, so it's a better to get rid of it in the plain java code itself. The tools used in the research are PMD(Programming mistake detector), it helps to detect line of code that make pop out error in near future like defect in hashcode(memory maps) overriding due to which the java code will not function correctly. Another tool is FindBUGS which provide the tester of the code to analyze the weak points in the code like infinite loop, unsynchronized wait, deadlock situation, null referring and dereferencing. Another tool which provides the base to above tools is JaCoCo code coverage analysis used to detect unreachable part and unused conditions of the code which improves the space complexity and helps in easy clarification of errors. Through this paper, we design an algorithm to prevent the loss of data. The main audience is the white box tester who might leave out essential line of code like, index variables, infinite loop, and inappropriate hashcode in the major source program. This algorithm serves to reduce the damage in case of buffer overflow