This paper presents results from the MSR 2021 Hackathon . Thesesecurity vulnerabilities can potentially be propagated through code reuse . We utilizethe World of Code infrastructure to discover file-level duplication of codefrom a nearly complete collection of open source software. This paper describes a method and set of tools to find all open source projects that use knownvulnerable files and any previous revisions of those files. We use these tools to discover files/projects that use vulnerable files .

Author(s) : David Reid, Kalvin Eng, Chris Bogart, Adam Tutko

Links : PDF - Abstract

Code :

Keywords : files - code - projects - open - source -

Leave a Reply

Your email address will not be published. Required fields are marked *