Software Security-Static Buffer Overflow Analysis in Object Oriented Programming Environment- A Comparative Study

Measurement of efficacy and efficiency of software (code) is one of the most useful and left over exercise in software development life cycle. Testing software regarding its capability to withstand attack is a major concern in the ICT field. There are many threats like threat to information, byte code error, malfunctioning, injections etc. Many tools have been created to combat the problem but the work path is not defined. We survey the research work in this area with the key interest in Buffer Overflow anomaly, a threat to be considered very seriously. We lay our research findings on some live projects in object oriented environment, analyze the test result of static and dynamic tools and try to improve the result of our work through code (statement/branch) coverage analysis. We henceforth attempt an algorithm to provide a checklist of some hot spot area in the software code. We also design a taxonomy of the error generated during our testing and analysis and strengthen the research with conclusion that the buffer overflow occur due to negligence in the code within the realm of taxonomy.